
2483 matches found

Positive Technologies
added 2025/05/21 12:00 a.m. · 7 views

PT-2025-22459 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions prior to 17.10.7; GitLab CE/EE version 17.11 prior to 17.11.3; GitLab CE/EE version 18.0 prior to 18.0.1. Description: An issue has been discovered in GitLab CE/EE that could allow an authenticated attacker to cause a denia...

CVSS 7.8 · AI score 9.2 · EPSS 0.00462
Exploits: 0 · References: 20

CNNVD
added 2025/05/14 12:00 a.m. · 2 views

Netgate pfSense CE Cross-Site Scripting Vulnerability

Netgate pfSense CE is a FreeBSD-based open source firewall and routing platform from Netgate that supports enterprise-class network security and network management features. A cross-site scripting vulnerability exists in Netgate pfSense CE versions prior to 2.8.0 beta, which stems from a cross-si...

CVSS 5.4 · AI score 8.1 · EPSS 0.01138
Exploits: 1 · References: 5

CNNVD
added 2025/05/14 12:00 a.m. · 2 views

Netgate pfSense CE Code Injection Vulnerability

Netgate pfSense CE is a FreeBSD-based open source firewall and routing platform from Netgate that supports enterprise-class network security and network management features. A security vulnerability exists in Netgate pfSense CE prior to version 2.8.0 beta, which stems from improperly cleaned user...

CVSS 8.8 · AI score 8.8 · EPSS 0.11592
Exploits: 1 · References: 5

Positive Technologies
added 2025/05/14 12:00 a.m. · 3 views

PT-2025-21162 · Unknown +1 · Pfsense Ce +1

Name of the Vulnerable Software and Affected Versions: pfSense CE versions prior to 2.8.0 beta release; corresponding Plus builds versions prior to 2.8.0 beta release. Description: The issue is related to command injection in the OpenVPN widget due to improper sanitization of user-supplied input to...

CVSS 8.8 · AI score 9.5 · EPSS 0.11592
Exploits: 1 · References: 9

CVE
added 2025/05/14 12:00 a.m. · 73 views

CVE-2024-54780

CVE-2024-54780 affects Netgate pfSense CE (prior to 2.8.0 beta) and corresponding Plus builds. The vulnerability is a command-injection flaw in the OpenVPN widget caused by improper sanitization of user-supplied input to the OpenVPN management interface, enabling an authenticated attacker to inje...

CVSS 8.8 · AI score 7.6 · EPSS 0.11592
Exploits: 1 · References: 2 · Affected Software: 2

Snyk
added 2025/05/13 6:30 p.m. · 5 views

Information Exposure

Overview: Affected versions of this package are vulnerable to Information Exposure due to the improper handling of Smarty syntax errors in CMS pages. An attacker can expose sensitive user information by inducing a Smarty syntax error in a CMS page. Note: The official vendor's hotfix for this issue...

CVSS 8.7 · AI score 5.9 · EPSS 0.00302
Exploits: 0 · References: 2

Positive Technologies
added 2025/05/07 12:00 a.m. · 6 views

PT-2025-20571 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 17.1 through 17.9.7; GitLab CE/EE versions 17.10 through 17.10.5; GitLab CE/EE versions 17.11 through 17.11.1. Description: An issue has been discovered in GitLab CE/EE that could cause a Denial of Service (DoS) condition. Th...

CVSS 7.5 · AI score 6.1 · EPSS 0.00333
Exploits: 0 · References: 12

Positive Technologies
added 2025/05/07 12:00 a.m. · 4 views

PT-2025-20573 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 12.0 through 17.9.7; GitLab CE/EE versions 17.10 through 17.10.5; GitLab CE/EE versions 17.11 through 17.11.1. Description: An issue has been discovered in GitLab CE/EE that allows users to bypass IP access restrictions and...

CVSS 7.5 · AI score 5.6 · EPSS 0.003
Exploits: 0 · References: 13

Positive Technologies
added 2025/05/07 12:00 a.m. · 7 views

PT-2025-20572 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 17.3 through 17.9.7; GitLab CE/EE versions 17.10 through 17.10.5; GitLab CE/EE versions 17.11 through 17.11.1. Description: An issue has been discovered in GitLab CE/EE that allows attackers to bypass Device OAuth flow...

CVSS 7.1 · AI score 6 · EPSS 0.0033
Exploits: 1 · References: 12

NVD
added 2025/04/24 8:15 a.m. · 17 views

CVE-2025-0639

An issue has been discovered affecting service availability via issue preview in GitLab CE/EE affecting all versions from 16.7 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1...

CVSS 7.5 · EPSS 0.00398
Exploits: 0 · References: 2

Positive Technologies
added 2025/04/23 12:00 a.m. · 5 views

PT-2025-17705 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 16.7 through 17.9.7; GitLab CE/EE versions 17.10 through 17.10.5; GitLab CE/EE versions 17.11 through 17.11.1. Description: An issue has been discovered affecting service availability via issue preview in GitLab CE/EE. The...

CVSS 7.5 · AI score 6.1 · EPSS 0.00398
Exploits: 0 · References: 15

Vulnrichment
added 2025/04/10 1:30 p.m. · 12 views

CVE-2025-2469 Debug Messages Revealing Unnecessary Information in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.9.6, and 17.10 before 17.10.4. The runtime profiling data of a specific service was accessible to unauthenticated users...

CVSS 3.7 · AI score 6.6 · EPSS 0.00324
Exploits: 1 · References: 2

CVE
added 2025/04/10 12:30 p.m. · 71 views

CVE-2025-1677

CVE-2025-1677 is a DoS in GitLab CE/EE causing denial of service when oversized payloads are injected into CI pipeline exports. Affected versions: all up to 17.8.7, 17.9 prior to 17.9.6, and 17.10 prior to 17.10.4. Remediation: upgrade to GitLab 17.9.6 or 17.10.4 or later (per provided details). ...

CVSS 7.5 · AI score 6.2 · EPSS 0.00333
Exploits: 0 · References: 2 · Affected Software: 1

Positive Technologies
added 2025/04/10 12:00 a.m. · 4 views

PT-2025-15975 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 17.8.7 and earlier, versions 17.9 prior to 17.9.6, and versions 17.10 prior to 17.10.4. Description: A denial of service (DoS) issue exists in GitLab CE/EE. The issue occurs when oversized payloads are injected into CI...

CVSS 7.5 · AI score 6 · EPSS 0.00333
Exploits: 0 · References: 16

Positive Technologies
added 2025/04/09 12:00 a.m. · 2 views

PT-2025-15976 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.12 through 17.8.6; GitLab CE/EE versions 17.9 through 17.9.5; GitLab CE/EE versions 17.10 through 17.10.3. Description: An issue has been discovered affecting GitLab CE/EE, where under certain conditions, users could...

CVSS 5.3 · AI score 6 · EPSS 0.00284
Exploits: 1 · References: 15

Positive Technologies
added 2025/03/28 12:00 a.m. · 5 views

PT-2025-33050 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.2 through 18.0.5; GitLab CE/EE versions 18.1 through 18.1.3; GitLab CE/EE versions 18.2 through 18.2.1. Description: An issue exists in GitLab CE/EE that allows authenticated users to create a denial of service condition...

CVSS 6.8 · AI score 5.9 · EPSS 0.00337
Exploits: 0 · References: 12

NVD
added 2025/03/27 1:15 p.m. · 17 views

CVE-2025-0811

An issue has been discovered in GitLab CE/EE affecting all versions from 17.7 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. Improper rendering of certain file types leads to cross-site scripting...

CVSS 8.7 · EPSS 0.0027
Exploits: 1 · References: 2

OSV
added 2025/03/27 12:31 p.m. · 14 views

CVE-2025-0811 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 17.7 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. Improper rendering of certain file types leads to cross-site scripting...

CVSS 8.7 · AI score 5 · EPSS 0.0027
Exploits: 1 · References: 5

CVE
added 2025/03/27 12:30 p.m. · 80 views

CVE-2025-2242

CVE-2025-2242 describes an improper access-control vulnerability in GitLab CE/EE that lets a former instance admin, downgraded to a regular user, retain elevated privileges to groups and projects across GitLab versions 17.4 through 17.8.6, 17.9 through 17.9.3, and 17.10 through 17.10.1. The provi...

CVSS 8.8 · AI score 7.3 · EPSS 0.00338
Exploits: 0 · References: 1 · Affected Software: 1

Positive Technologies
added 2025/03/26 12:00 a.m. · 4 views

PT-2025-13454 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab EE/CE versions 12.10 through 17.8.5; GitLab EE/CE versions 17.9 through 17.9.2; GitLab EE/CE versions 17.10 through 17.10.0. Description: An issue has been discovered in GitLab EE/CE where a maliciously crafted file can cause uncontrolled...

CVSS 5.5 · AI score 6 · EPSS 0.00236
Exploits: 0 · References: 15