628 matches found

Cvelist
added 2021/09/09 2:41 p.m., 31 views

CVE-2021-22239

An unauthorized user was able to insert metadata when creating new issue on GitLab CE/EE 14.0 and later...

CVSS 5, AI score 5.5, EPSS 0.00573
Exploits 0, References 2

Debian CVE
added 2021/09/09 2:41 p.m., 27 views

CVE-2021-22239

Removed by vendor...

CVSS 5, AI score 5.8, EPSS 0.00573
Exploits 0

OSV
added 2021/08/25 7:15 p.m., 22 views

CVE-2021-22245

Improper validation of commit author in GitLab CE/EE affecting all versions allowed an attacker to make several pages in a project impossible to view...

CVSS 2.7, AI score 6.2, EPSS 0.01366
Exploits 0, References 3

NVD
added 2021/08/25 7:15 p.m., 15 views

CVE-2021-22250

Improper authorization in GitLab CE/EE affecting all versions since 13.3 allowed users to view and delete impersonation tokens that administrators created for their account...

CVSS 5.5, EPSS 0.0083
Exploits 0, References 3

NVD
added 2021/08/25 7:15 p.m., 16 views

CVE-2021-22245

Improper validation of commit author in GitLab CE/EE affecting all versions allowed an attacker to make several pages in a project impossible to view...

CVSS 4, EPSS 0.01366
Exploits 0, References 3

NVD
added 2021/08/25 7:15 p.m., 18 views

CVE-2021-22247

Improper authorization in GitLab CE/EE affecting all versions since 13.0 allows guests in private projects to view CI/CD analytics...

CVSS 4.3, EPSS 0.00833
Exploits 0, References 3

NVD
added 2021/08/25 7:15 p.m., 19 views

CVE-2021-22242

Insufficient input sanitization in Mermaid markdown in GitLab CE/EE version 11.4 and up allows an attacker to exploit a stored cross-site scripting vulnerability via a specially-crafted markdown...

CVSS 8.7, EPSS 0.63555
Exploits 0, References 3

NVD
added 2021/08/25 7:15 p.m., 15 views

CVE-2021-22236

Due to improper handling of OAuth client IDs, new subscriptions generated OAuth tokens on an incorrect OAuth client application. This vulnerability is present in GitLab CE/EE since version 14.1...

CVSS 8.8, EPSS 0.00865
Exploits 0, References 2

UbuntuCve
added 2021/08/25 7:15 p.m., 25 views

CVE-2021-22242

Insufficient input sanitization in Mermaid markdown in GitLab CE/EE version 11.4 and up allows an attacker to exploit a stored cross-site scripting vulnerability via a specially-crafted markdown...

CVSS 8.7, AI score 6.4, EPSS 0.63555
Exploits 0, References 4

Prion
added 2021/08/25 7:15 p.m., 13 views

Authorization

Improper authorization in GitLab CE/EE affecting all versions since 13.3 allowed users to view and delete impersonation tokens that administrators created for their account...

CVSS 5.5, AI score 5.1, EPSS 0.0083
Exploits 0, References 3, Affected Software 1

UbuntuCve
added 2021/08/25 7:15 p.m., 34 views

CVE-2021-22247

Improper authorization in GitLab CE/EE affecting all versions since 13.0 allows guests in private projects to view CI/CD analytics...

CVSS 4.3, AI score 5.8, EPSS 0.00833
Exploits 0, References 4

UbuntuCve
added 2021/08/25 7:15 p.m., 21 views

CVE-2021-22250

Improper authorization in GitLab CE/EE affecting all versions since 13.3 allowed users to view and delete impersonation tokens that administrators created for their account...

CVSS 5.5, AI score 6.1, EPSS 0.0083
Exploits 0, References 4

Prion
added 2021/08/25 7:15 p.m., 15 views

Authorization

Improper authorization in GitLab CE/EE affecting all versions since 12.6 allowed guest users to create issues for Sentry errors and track their status...

CVSS 5.5, AI score 5.2, EPSS 0.00729
Exploits 0, References 3, Affected Software 1

UbuntuCve
added 2021/08/25 7:15 p.m., 22 views

CVE-2021-22236

Due to improper handling of OAuth client IDs, new subscriptions generated OAuth tokens on an incorrect OAuth client application. This vulnerability is present in GitLab CE/EE since version 14.1...

CVSS 8.8, AI score 7.2, EPSS 0.00865
Exploits 0, References 2

Prion
added 2021/08/25 7:15 p.m., 17 views

Cross site scripting

Insufficient input sanitization in Mermaid markdown in GitLab CE/EE version 11.4 and up allows an attacker to exploit a stored cross-site scripting vulnerability via a specially-crafted markdown...

CVSS 3.5, AI score 4.9, EPSS 0.63555
Exploits 0, References 3, Affected Software 1

UbuntuCve
added 2021/08/25 7:15 p.m., 31 views

CVE-2021-22256

Improper authorization in GitLab CE/EE affecting all versions since 12.6 allowed guest users to create issues for Sentry errors and track their status...

CVSS 5.5, AI score 6.1, EPSS 0.00729
Exploits 0, References 4

Cvelist
added 2021/08/25 6:39 p.m., 27 views

CVE-2021-22236

Due to improper handling of OAuth client IDs, new subscriptions generated OAuth tokens on an incorrect OAuth client application. This vulnerability is present in GitLab CE/EE since version 14.1...

CVSS 5.5, AI score 8.6, EPSS 0.00865
Exploits 0, References 2

CVE
added 2021/08/25 6:38 p.m., 60 views

CVE-2021-22242

CVE-2021-22242 affects GitLab CE/EE versions 11.4 and later, due to insufficient input sanitization in Mermaid markdown, enabling stored cross-site scripting when processing crafted Markdown. The issue is consistently documented across NVD, OSV, and vendor/Tenable reports (GitLab CVE entry and OS...

CVSS 8.7, AI score 4.8, EPSS 0.63555
Exploits 0, References 3, Affected Software 1

Cvelist
added 2021/08/25 6:32 p.m., 20 views

CVE-2021-22247

Improper authorization in GitLab CE/EE affecting all versions since 13.0 allows guests in private projects to view CI/CD analytics...

CVSS 4.3, AI score 4.5, EPSS 0.00833
Exploits 0, References 3

Debian CVE
added 2021/08/25 6:30 p.m., 20 views

CVE-2021-22256

Removed by vendor...

CVSS 5.5, AI score 6, EPSS 0.00729
Exploits 0