CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

105 matches found

Positive Technologies•added 2026/01/21 12:0 a.m.•3 views

PT-2026-3766

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 18.6 through 18.8.1 Description GitLab CE/EE is affected by a high-severity issue that allows an attacker with knowledge of a victim's credential ID to bypass two-factor authentication by submitting forged device response...

7.4CVSS6.2AI score0.00832EPSS

Exploits0References34

RedhatCVE•added 2026/01/09 10:12 a.m.•7 views

CVE-2019-11546

An issue was discovered in GitLab Community and Enterprise Edition before 11.8.9, 11.9.x before 11.9.10, and 11.10.x before 11.10.2. It has a Race Condition which could allow users to approve a merge request multiple times and potentially reach the approval count required to merge...

5.3CVSS6.4AI score0.00644EPSS

Exploits1References1

Positive Technologies•added 2025/11/27 12:0 a.m.•3 views

PT-2025-48259

Name of the Vulnerable Software and Affected Versions GitLab versions 2.4 through 7.7 Description GitLab reports multiple issues, including Race Conditions, Denial of Service DoS, and Authentication Bypass. The issues are present in versions 2.4 through 7.7. Recommendations Update to a newer...

7.7CVSS6.8AI score0.0021EPSS

Exploits0References12

Positive Technologies•added 2025/10/09 12:0 a.m.•4 views

PT-2025-41362

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 13.12 through 18.2.8 GitLab CE/EE versions 18.3 through 18.3.4 GitLab CE/EE versions 18.4 through 18.4.2 Description The software is susceptible to a denial of service condition triggered by crafted GraphQL queries...

7.5CVSS6.6AI score0.00485EPSS

Exploits0References11

Positive Technologies•added 2025/10/09 12:0 a.m.•4 views

PT-2025-41364

Name of the Vulnerable Software and Affected Versions GitLab EE versions 18.3 through 18.3.4 GitLab EE versions 18.4 through 18.4.2 Description An authorization issue exists in the GitLab EE GraphQL API. Incorrectly scoped GraphQL mutations could allow authenticated users with read-only API token...

7.7CVSS6.4AI score0.00341EPSS

Exploits0References10