Lucene search
K

1981 matches found

Tenable Nessus
Tenable Nessus
added 2026/02/12 12:0 a.m.6 views

GitLab 13.9 < 18.6.6 / 18.7 < 18.7.4 / 18.8 < 18.8.4 (CVE-2026-0595)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.9 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have allowed an...

7.3CVSS6AI score0.00217EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/02/12 12:0 a.m.4 views

GitLab 17.8 < 18.3.6 / 18.4 < 18.4.4 / 18.5 < 18.5.2 (CVE-2025-6945)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab EE affecting all versions from 17.8 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated attacker to leak sensiti...

3.5CVSS5.7AI score0.00233EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/02/12 12:0 a.m.6 views

GitLab 17.7 < 18.6.4 / 18.7 < 18.7.2 / 18.8 < 18.8.2 (CVE-2025-13928)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an unauthenticated user to cause a...

7.5CVSS5.7AI score0.00712EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/02/12 12:0 a.m.7 views

GitLab 13.1 < 18.4.6 / 18.5 < 18.5.4 / 18.6 < 18.6.2 (CVE-2025-11984)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.1 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to bypass WebAut...

6.8CVSS5.7AI score0.00274EPSS
Exploits0References5
OSV
OSV
added 2026/02/11 12:16 p.m.4 views

UBUNTU-CVE-2026-1282

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that could have allowed an authenticated user to inject malicious content into project labels titles...

5.4CVSS5.8AI score0.00162EPSS
Exploits0References5
OSV
OSV
added 2026/02/11 11:34 a.m.7 views

CVE-2025-14592 Missing Authorization in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have allowed an authenticated user to perform unauthorized operations by submitting GraphQL mutations through the GLQL API...

3.7CVSS5.5AI score0.00254EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/02/11 11:4 a.m.23 views

CVE-2026-1282 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that could have allowed an authenticated user to inject malicious content into project labels titles...

3.5CVSS0.00162EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/11 11:4 a.m.3 views

CVE-2026-1456 Allocation of Resources Without Limits or Throttling in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.7 before 18.7.4, and 18.8 before 18.8.4 that could have allowed an unauthenticated user to cause denial of service through CPU exhaustion by submitting specially crafted markdown files that trigger exponential processin...

6.5CVSS5.6AI score0.00364EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.6 views

GitLab 安全漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD Continuous Integration and Delivery. Prior to GitLab CE/EE 18.8.4, there was a security vulnerability. This...

4.6CVSS5.9AI score0.00162EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/11 12:0 a.m.3 views

CVE-2026-1282

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that could have allowed an authenticated user to inject malicious content into project labels titles...

5.4CVSS5.9AI score0.00162EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/11 12:0 a.m.2 views

CVE-2025-14594

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.11 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have allowed an authenticated user to view certain pipeline values by querying the API...

3.5CVSS5.9AI score0.00164EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/11 12:0 a.m.4 views

CVE-2026-0595

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.9 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have allowed an authenticated user to add unauthorized email addresses to victim accounts through HTML injection in test...

7.3CVSS5.9AI score0.00217EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.3 views

PT-2026-7524

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 13.9 through 18.6.6 GitLab CE/EE versions 18.7 through 18.7.4 GitLab CE/EE versions 18.8 through 18.8.4 Description An issue exists in GitLab CE/EE where an authenticated user could potentially add unauthorized email...

7.3CVSS5.3AI score0.00217EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.7 views

GitLab 安全漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD Continuous Integration and Delivery. Vulnerabilities exist in versions of GitLab CE/EE before 18.6.6, 18.7.4...

7.5CVSS5.9AI score0.00387EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/02/02 9:4 a.m.2 views

CVE-2026-1751 Missing Authorization in GitLab

A vulnerability has been discovered in GitLab CE/EE affecting all versions starting with 16.8 before 18.5.0 that could have allowed unauthorized edits to merge request approval rules under certain conditions...

3.1CVSS5.3AI score0.00194EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/31 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-1102

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.3 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowe...

7.5CVSS5.7AI score0.00538EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.6 views

GitLab security vulnerabilities

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD Continuous Integration and Delivery. Vulnerabilities exist in versions of GitLab CE/EE before 18.6.4, 18.7.2...

7.5CVSS6.1AI score0.00846EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/21 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2025-12734

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.6 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowe...

3.5CVSS5.7AI score0.00226EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 12:31 p.m.7 views

CVE-2023-4658

An issue has been discovered in GitLab EE affecting all versions starting from 8.13 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for an attacker to abuse the Allowed to merge permission as a guest user, when granted t...

3.1CVSS6.4AI score0.00385EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:22 a.m.10 views

CVE-2021-22244

Improper authorization in the vulnerability report feature in GitLab EE affecting all versions since 13.1 allowed a reporter to access vulnerability data...

6.5CVSS6.3AI score0.01006EPSS
Exploits0References1
Rows per page
Query Builder