192 matches found

RedhatCVE
added 2026/02/26 10:35 p.m. | 6 views

CVE-2025-14103

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthorized user with Developer-role permissions to set pipeline variables for manually triggered jobs under certain conditions...

CVSS 4.3 | AI score 5.4 | EPSS 0.0019
Exploits: 0 | References: 1

RedhatCVE
added 2026/02/26 10:35 p.m. | 4 views

CVE-2026-1747

GitLab has remediated an issue in GitLab EE affecting all versions from 17.11 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that, under certain conditions, could have allowed Developer-role users with insufficient privileges to make unauthorized modifications to protected Conan packag...

CVSS 4.3 | AI score 5.4 | EPSS 0.00229
Exploits: 0 | References: 1

EUVD
added 2026/02/25 9:31 p.m. | 4 views

EUVD-2025-208116

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthorized user with Developer-role permissions to set pipeline variables for manually triggered jobs under certain conditions...

CVSS 4.3 | AI score 5.4 | EPSS 0.0019
Exploits: 0 | References: 4

UbuntuCve
added 2026/02/25 9:16 p.m. | 8 views

CVE-2026-1747

GitLab has remediated an issue in GitLab EE affecting all versions from 17.11 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that, under certain conditions, could have allowed Developer-role users with insufficient privileges to make unauthorized modifications to protected Conan packag...

CVSS 4.3 | AI score 5.9 | EPSS 0.00229
Exploits: 0 | References: 4

UbuntuCve
added 2026/02/25 8:20 p.m. | 4 views

CVE-2025-14103

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthorized user with Developer-role permissions to set pipeline variables for manually triggered jobs under certain conditions...

CVSS 4.3 | AI score 5.9 | EPSS 0.0019
Exploits: 0 | References: 4

Vulnrichment
added 2026/02/25 8:04 p.m. | 2 views

CVE-2026-1747 Authentication Bypass Using an Alternate Path or Channel in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 17.11 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that, under certain conditions, could have allowed Developer-role users with insufficient privileges to make unauthorized modifications to protected Conan packag...

CVSS 4.3 | AI score 5.4 | EPSS 0.00229
Exploits: 0 | References: 3

Debian CVE
added 2026/02/25 8:04 p.m. | 5 views

CVE-2026-1747

Removed by vendor...

CVSS 4.3 | AI score 5.8 | EPSS 0.00229
Exploits: 0

CVE
added 2026/02/25 8:04 p.m. | 31 views

CVE-2026-1747

GitLab Enterprise Edition (GitLab EE) is affected by CVE-2026-1747 across affected lines: 17.11 up to 18.7.5, 18.8 up to 18.8.5, and 18.9 up to 18.9.1. Under certain conditions, Developer-role users with insufficient privileges could perform unauthorized modifications to protected Conan packages....

CVSS 4.3 | AI score 5.4 | EPSS 0.00229
Exploits: 0 | References: 3 | Affected Software: 1

Vulnrichment
added 2026/02/25 7:33 p.m. | 2 views

CVE-2025-14103 Missing Authorization in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthorized user with Developer-role permissions to set pipeline variables for manually triggered jobs under certain conditions...

CVSS 4.3 | AI score 5.4 | EPSS 0.0019
Exploits: 0 | References: 3

CVE
added 2026/02/25 7:33 p.m. | 18 views

CVE-2025-14103

GitLab CVE-2025-14103 affects GitLab CE/EE versions from 17.7 before 18.7.5, from 18.8 before 18.8.5, and from 18.9 before 18.9.1, enabling an unauthorized user with Developer permissions to set pipeline variables for manually triggered jobs in certain conditions. The issue has been remediated with patch releas...

CVSS 4.3 | AI score 5.4 | EPSS 0.0019
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2026/02/25 7:33 p.m. | 24 views

CVE-2025-14103 Missing Authorization in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthorized user with Developer-role permissions to set pipeline variables for manually triggered jobs under certain conditions...

CVSS 4.3 | EPSS 0.0019
Exploits: 0 | References: 3

OSV
added 2026/02/25 7:33 p.m. | 4 views

CVE-2025-14103 Missing Authorization in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthorized user with Developer-role permissions to set pipeline variables for manually triggered jobs under certain conditions...

CVSS 4.3 | AI score 5.5 | EPSS 0.0019
Exploits: 0 | References: 6

Positive Technologies
added 2026/02/25 12:00 a.m. | 5 views

PT-2026-21987

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 17.7 through 18.7.4; GitLab CE/EE versions 18.8 through 18.8.4; GitLab CE/EE versions 18.9 through 18.9.0. Description: An issue existed in GitLab CE/EE that potentially allowed an unauthorized user with Developer-role...

CVSS 4.3 | AI score 5.2 | EPSS 0.0019
Exploits: 0 | References: 10

CNNVD
added 2026/02/25 12:00 a.m. | 14 views

GitLab EE Security Vulnerability

GitLab Enterprise Edition EE is a content management system provided by the American company GitLab. There were security vulnerabilities in versions of GitLab EE from 17.11 to 18.7.5, as well as in versions 18.8 to 18.8.5 and 18.9 to 18.9.1. These vulnerabilities stemmed from the possibility that...

CVSS 4.3 | AI score 5.8 | EPSS 0.00229
Exploits: 0 | References: 3

RedhatCVE
added 2026/01/09 9:59 a.m. | 7 views

CVE-2020-7910

JetBrains TeamCity before 2019.2 was vulnerable to a stored XSS attack by a user with the developer role...

CVSS 5.4 | AI score 5.8 | EPSS 0.0052
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 9:57 a.m. | 11 views

CVE-2020-7018

Elastic Enterprise Search before 7.9.0 contains a credential exposure flaw in the App Search interface. If a user is given the "developer" role, they will be able to view the administrator API credentials. These credentials could allow the developer user to conduct operations with the same...

CVSS 8.8 | AI score 6.6 | EPSS 0.0109
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 9:25 a.m. | 6 views

CVE-2023-4317

An issue has been discovered in GitLab affecting all versions starting from 9.2 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for a user with the Developer role to update a pipeline schedule from an unprotected branch ...

CVSS 4.3 | AI score 6.5 | EPSS 0.00426
Exploits: 0 | References: 1

RedhatCVE
added 2025/11/26 4:56 p.m. | 5 views

CVE-2025-12472

An attacker with a Looker Developer role could manipulate a LookML project to exploit a race condition during Git directory deletion, leading to arbitrary command execution on the Looker instance. Looker-hosted and Self-hosted were found to be vulnerable. This issue has already been mitigated for...

CVSS 7.1 | AI score 7.1 | EPSS 0.00226
Exploits: 0 | References: 1

RedhatCVE
added 2025/11/25 11:55 a.m. | 9 views

CVE-2025-12740

A Looker user with a Developer role could create a database connection using IBM DB2 driver and, by manipulating LookML, cause Looker to execute a malicious command, due to inadequate filtering of the driver's parameters. Looker-hosted and Self-hosted were found to be vulnerable. This issue has...

CVSS 7.7 | AI score 6.9 | EPSS 0.00215
Exploits: 0 | References: 1

NVD
added 2025/11/25 6:15 a.m. | 4 views

CVE-2025-12742

A Looker user with a Developer role could cause Looker to execute a malicious command, due to insecure processing of Teradata driver parameters. Looker-hosted and Self-hosted were found to be vulnerable. This issue has already been mitigated for Looker-hosted instances. No user action is required...

CVSS 7.5 | EPSS 0.00206
Exploits: 0 | References: 1