Lucene search
K

1981 matches found

Vulnrichment
Vulnrichment
added 2025/12/11 7:32 a.m.2 views

CVE-2025-12734 Improper Encoding or Escaping of Output in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.6 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to, under certain conditions, render content in dialogs to other users by injecting malicious HTML content into...

3.5CVSS6AI score0.00226EPSS
Exploits0References3
CVE
CVE
added 2025/12/11 4:5 a.m.40 views

CVE-2025-8405

GitLab CE/EE is vulnerable to an authenticated user performing unauthorized actions on behalf of others by injecting malicious HTML into vulnerability code flow displays. Affected versions are 17.1 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2. GitLab has remediated this with patch re...

7.7CVSS6.3AI score0.00486EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2025/12/11 3:33 a.m.3 views

EUVD-2025-202659

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.4 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that, under certain conditions could have allowed an authenticated user to perform unauthorized actions on behalf of another user by creating wiki pages with...

8.7CVSS6.2AI score0.00403EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/10 12:0 a.m.6 views

PT-2025-50572

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 11.10 through 18.4.5 GitLab CE/EE versions 18.5 through 18.5.3 GitLab CE/EE versions 18.6 through 18.6.1 Description An unauthenticated user could create a denial of service condition by sending crafted GraphQL queries th...

7.8CVSS7.6AI score0.0076EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2025/12/10 12:0 a.m.3 views

PT-2025-50585

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 15.6 through 18.4.6 GitLab CE/EE versions 18.5 through 18.5.4 GitLab CE/EE versions 18.6 through 18.6.2 Description GitLab has addressed an issue that could allow an authenticated user to reveal sensitive information...

4CVSS6.1AI score0.00226EPSS
Exploits0References9
OSV
OSV
added 2025/12/09 12:2 p.m.5 views

BIT-GITLAB-2024-9183 Time-of-check Time-of-use (TOCTOU) Race Condition in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.4 prior to 18.4.5, 18.5 prior to 18.5.3, and 18.6 prior to 18.6.1 that could have allowed an authenticated user to obtain credentials from higher-privileged users and perform actions in their context under specific...

7.7CVSS6.7AI score0.0021EPSS
Exploits0References4
NVD
NVD
added 2025/12/05 5:16 p.m.3 views

CVE-2024-9183

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.4 prior to 18.4.5, 18.5 prior to 18.5.3, and 18.6 prior to 18.6.1 that could have allowed an authenticated user to obtain credentials from higher-privileged users and perform actions in their context under specific...

7.7CVSS0.0021EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/11/27 8:0 p.m.8 views

CVE-2025-13611

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.2 before 18.5.5 and 18.6 before 18.6.3 that could have allowed an authenticated user with access to certain logs to obtain sensitive tokens under specific conditions...

5.3CVSS5.9AI score0.00212EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/11/26 7:45 p.m.2 views

CVE-2025-13611

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.2 before 18.5.5 and 18.6 before 18.6.3 that could have allowed an authenticated user with access to certain logs to obtain sensitive tokens under specific conditions...

5.3CVSS5.9AI score0.00212EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/11/25 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-11702

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in EE affecting all versions from 17.1 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an...

8.8CVSS7.4AI score0.00572EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/11/25 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-11974

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.7 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowe...

6.5CVSS5.5AI score0.00351EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/11/25 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-10497

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allow...

7.5CVSS8.4AI score0.00588EPSS
Exploits0References2
OSV
OSV
added 2025/11/21 6:15 a.m.3 views

UBUNTU-CVE-2025-9825

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.7 to 18.2.8, 18.3 before 18.3.4, and 18.4 before 18.4.2 that could have allowed authenticated users without project membership to view sensitive manual CI/CD variables by querying the GraphQL API...

6.5CVSS5.8AI score0.00315EPSS
Exploits1References2
OSV
OSV
added 2025/11/20 9:5 a.m.4 views

BIT-GITLAB-2025-7736 Incorrect Authorization in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.9 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated attacker to bypass access control restrictions and view GitLab Pages content intended only for project members by...

4.3CVSS6.7AI score0.00242EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-12983

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.9 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowe...

6.5CVSS5.5AI score0.00367EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-7000

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions from 17.6 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2, that, under specific...

4.3CVSS5.5AI score0.0031EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-6945

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab EE affecting all versions from 17.8 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed a...

3.5CVSS5.5AI score0.00233EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-6171

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.2 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowe...

5.3CVSS5.5AI score0.00231EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-2615

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.7 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2, that could have allow...

6.5CVSS5.5AI score0.00275EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/11/17 7:3 a.m.9 views

CVE-2025-6171

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.2 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated attacker with reporter access to view branch names and pipeline details by accessing the packages API endpoint even wh...

5.3CVSS6.6AI score0.00231EPSS
Exploits0References1
Rows per page
Query Builder