105 matches found
EUVD-2024-47165
Malicious code in bioql PyPI...
EUVD-2022-25209
Malicious code in bioql PyPI...
EUVD-2022-15814
Malicious code in bioql PyPI...
EUVD-2024-44169
Malicious code in bioql PyPI...
EUVD-2022-34510
Malicious code in bioql PyPI...
EUVD-2022-43082
Malicious code in bioql PyPI...
EUVD-2025-18169
Malicious code in bioql PyPI...
EUVD-2023-58903
Malicious code in bioql PyPI...
CVE-2025-4439
CVE-2025-4439 : In GitLab CE/EE, versions 15.10 up to before 18.0.5, 18.1 up to before 18.1.3, and 18.2 up to before 18.2.1 are affected by a cross-site scripting vulnerability (CVE-2025-4439) described as an issue of improper neutralization of input during web page generation. The flaw could all...
Gitlab -- vulnerabilities
Gitlab reports: Cross-site scripting issue impacts GitLab CE/EE Improper authorization issue impacts GitLab CE/EE Improper authorization issue impacts GitLab EE Improper authorization issue impacts GitLab EE...
CVE-2025-2938 Business Logic Errors in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 17.3 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users to gain elevated project privileges by requesting access to projects where role modifications during the approval...
Gitlab -- Vulnerabilities
Gitlab reports: Denial of Service impacts GitLab CE/EE Missing Authentication issue impacts GitLab CE/EE Improper access control issue impacts GitLab CE/EE Elevation of Privilege impacts GitLab CE/EE Improper access control issue impacts GitLab EE...
CVE-2025-2443
An issue has been discovered in GitLab EE that allows for cross-site-scripting attack and content security policy bypass in a user's browser under specific conditions, affecting all versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1...
CVE-2024-9512
An issue has been discovered in GitLab EE affecting all versions prior to 17.10.8, 17.11 prior to 17.11.4, and 18.0 prior to 18.0.2. It may have been possible for private repository to be cloned in case of race condition when a secondary node is out of sync...
Gitlab -- Vulnerabilities
Gitlab reports: HTML injection impacts GitLab CE/EE Cross-site scripting issue impacts GitLab CE/EE Missing authorization issue impacts GitLab Ultimate EE Denial of Service impacts GitLab CE/EE Denial of Service via unbounded Webhook token names impacts GitLab CE/EE Denial of Service via unbounde...
CVE-2024-5423
Multiple Denial of Service DoS conditions has been discovered in GitLab CE/EE affecting all versions starting from 1.0 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2 which allowed an attacker to cause resource exhaustion via banzai pipeline...
CVE-2021-39890
It was possible to bypass 2FA for LDAP users and access some specific pages with Basic Authentication in GitLab 14.1.1 and above...
CVE-2019-19314
GitLab EE 8.4 through 12.5, 12.4.3, and 12.3.6 stored several tokens in plaintext...
CVE-2019-14942
An issue was discovered in GitLab Community and Enterprise Edition before 11.11.8, 12 before 12.0.6, and 12.1 before 12.1.6. Cookies for GitLab Pages which have access control could be sent over cleartext HTTP...
Gitlab -- vulnerabilities
Gitlab reports: Unprotected large blob endpoint in GitLab allows Denial of Service Improper XPath validation allows modified SAML response to bypass 2FA requirement A Discord webhook integration may cause DoS Unbounded Kubernetes cluster tokens may lead to DoS Unvalidated notes position may lead ...