
470 matches found

Positive Technologies
added 2020/03/12 12:0 a.m. · views: 1

PT-2020-12191 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions 12.8.x through 12.8.5
Description: The issue allows remote attackers to bypass email domain restrictions within the two-day grace period for an unconfirmed email address when sign-up is enabled.
Recommendations: For GitLab...

CVSS 5.3 · AI score 5.1 · EPSS 0.00164
Exploits: 0 · References: 6

OSV
added 2020/03/10 3:15 p.m. · views: 1

UBUNTU-CVE-2019-12446

An issue was discovered in GitLab Community and Enterprise Edition 8.3 through 11.11. It allows Information Exposure through an Error Message...

CVSS 7.5 · AI score 5.8 · EPSS 0.00077
Exploits: 0 · References: 3

OSV
added 2020/03/10 2:15 p.m. · views: 1

UBUNTU-CVE-2019-12428

An issue was discovered in GitLab Community and Enterprise Edition 6.8 through 11.11. Users could bypass the mandatory external authentication provider sign-in restrictions by sending a specially crafted request. It has Improper Authorization...

CVSS 9.8 · AI score 7.3 · EPSS 0.002
Exploits: 0 · References: 3

OSV
added 2019/12/30 10:15 p.m. · views: 0

UBUNTU-CVE-2018-20494

An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control...

CVSS 7.5 · AI score 7.1 · EPSS 0.00334
Exploits: 1 · References: 3

OSV
added 2019/07/10 5:15 p.m. · views: 0

UBUNTU-CVE-2018-19583

GitLab CE/EE, versions 8.0 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, would log access tokens in the Workhorse logs, permitting administrators with access to the logs to see another user's token...

CVSS 6.5 · AI score 6.9 · EPSS 0.0014
Exploits: 0 · References: 3

OSV
added 2019/05/16 3:29 p.m. · views: 2

CVE-2019-10114

An Information Exposure issue (issue 2 of 2) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. During the OAuth authentication process, the application attempts to validate a parameter in an insecure way, potentially exposing da...

CVSS 7.5 · AI score 7.1
Exploits: 0 · References: 3

OSV
added 2019/05/15 8:29 p.m. · views: 0

CVE-2019-10108

An Incorrect Access Control issue (issue 1 of 2) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. It allowed non-members of a private project/group to add and read labels...

CVSS 5.4 · AI score 6.3
Exploits: 0 · References: 3

OSV
added 2018/10/03 4:29 p.m. · views: 1

UBUNTU-CVE-2018-16049

An issue was discovered in GitLab Community and Enterprise Edition before 11.0.6, 11.1.x before 11.1.5, and 11.2.x before 11.2.2. There is Sensitive Data Disclosure in Sidekiq Logs through an Error Message...

CVSS 9.8 · AI score 7.3 · EPSS 0.00212
Exploits: 1 · References: 5

CNVD
added 2018/07/27 12:0 a.m. · views: 2

GitLab CE and EE Cross-Site Request Forgery Vulnerability

GitLab is an open source application developed with Ruby on Rails that implements a self-hosted Git version control project repository. It offers functionality similar to GitHub: you can view a project's file contents, commit history, bug list, etc. System...

CVSS 8.8 · AI score 8.9 · EPSS 0.00035
Exploits: 0 · References: 1

OSV
added 2016/11/03 10:59 a.m. · views: 5

CVE-2016-9086

GitLab versions 8.9.x and above contain a critical security flaw in the "import/export project" feature of GitLab. Added in GitLab 8.9, this feature allows a user to export and then re-import their projects as tape archive files (tar). All GitLab versions prior to 8.13.0 restricted this feature to...

CVSS 6.5 · AI score 6.1 · EPSS 0.13489
Exploits: 39 · References: 2