470 matches found
PT-2025-47049
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 16.9 through 18.3.6; GitLab CE/EE versions 18.4 through 18.4.4; GitLab CE/EE versions 18.5 through 18.5.2. Description: An authenticated attacker could cause a denial of service condition by submitting specially crafted...
PT-2025-46788
Name of the Vulnerable Software and Affected Versions: GitLab versions 3.1 through 7.7. Description: Multiple vulnerabilities exist in GitLab CE and EE, including Cross-Site Scripting (XSS), Information Disclosure, and Prompt Injection. These issues could potentially lead to a compromise of systems. A...
BIT-GITLAB-2025-10497 Allocation of Resources Without Limits or Throttling in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an unauthenticated attacker to cause a denial of service condition by sending specially crafted payloads...
EUVD-2025-35955
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.0 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an unauthenticated attacker to cause a denial of service condition by sending GraphQL requests with crafted JSON payloads...
CVE-2025-11971
GitLab has remediated an issue in GitLab EE affecting all versions from 10.6 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an authenticated attacker to trigger unauthorized pipeline executions by manipulating commits...
CVE-2025-11974
GitLab CVE-2025-11974 affects GitLab CE/EE versions 11.7 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1. The issue allows an unauthenticated attacker to cause a denial-of-service by uploading large files to specific API endpoints. Affected releases have been remediated via patches: Git...
PT-2025-43136
Name of the Vulnerable Software and Affected Versions: GitLab versions 3.8 through 8.5. Description: Multiple vulnerabilities exist in GitLab, including improper access control, denial of service, and incorrect authorization. These issues impact the runner API. A search on Netlas.io using the provid...
BIT-GITLAB-2025-2934 Allocation of Resources Without Limits or Throttling in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 5.2 prior to 18.2.8, 18.3 prior to 18.3.4, and 18.4 prior to 18.4.2 that could have allowed an authenticated attacker to create a denial of service condition by configuring malicious webhook endpoints that send crafted HTT...
CVE-2025-10004
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.12 to 18.2.8, 18.3 to 18.3.4, and 18.4 to 18.4.2 that could make the GitLab instance unresponsive or severely degraded by sending crafted GraphQL queries requesting large repository blobs...
CVE-2025-10004
Removed by vendor...
EUVD-2020-2551
Malware in sbrugna...
EUVD-2021-26242
Malware in sbrugna...
EUVD-2020-18962
Malware in sbrugna...
EUVD-2019-3215
Malware in sbrugna...
EUVD-2018-13046
Malware in sbrugna...
EUVD-2019-15052
Malware in sbrugna...
EUVD-2019-15054
Malware in sbrugna...
EUVD-2019-6548
Malware in sbrugna...
EUVD-2013-4438
Malware in sbrugna...
EUVD-2018-11272
Malware in sbrugna...