961 matches found

Prion
added 2022/10/17 4:15 p.m. · 22 views

Design/Logic Flaw

Lack of IP address checking in GitLab EE affecting all versions from 14.2 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 allows a group member to bypass IP restrictions when using a deploy token...

CVSS 5 · AI score 5.2 · EPSS 0.00123
Exploits 0 · References 2 · Affected Software 1
UbuntuCve
added 2022/10/17 4:15 p.m. · 24 views

CVE-2022-3291

Serialization of sensitive data in GitLab EE affecting all versions from 14.9 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 can leak sensitive information via cache...

CVSS 6.5 · AI score 6.6 · EPSS 0.0033
Exploits 0 · References 1
UbuntuCve
added 2022/10/17 4:15 p.m. · 30 views

CVE-2022-3351

An issue has been discovered in GitLab EE affecting all versions starting from 13.7 before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1. A user's primary email may be disclosed to an attacker through group member events webhooks...

CVSS 4.3 · AI score 5.7 · EPSS 0.0019
Exploits 0 · References 1
Positive Technologies
added 2022/10/17 12:0 a.m. · 2 views

PT-2022-21530 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab EE versions 14.2 through 15.2.4; GitLab EE versions 15.3 through 15.3.3; GitLab EE versions 15.4 through 15.4.0. Description: The issue is related to a lack of IP address checking in GitLab EE, which allows a group member to bypass IP...

CVSS 5.3 · AI score 4.8 · EPSS 0.00123
Exploits 0 · References 11
Vulnrichment
added 2022/10/17 12:0 a.m. · 6 views

CVE-2022-3291

Serialization of sensitive data in GitLab EE affecting all versions from 14.9 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 can leak sensitive information via cache...

CVSS 6.5 · AI score 6.4 · EPSS 0.0033
Exploits 0 · References 2
OSV
added 2022/10/17 12:0 a.m. · 19 views

CVE-2022-3351

An issue has been discovered in GitLab EE affecting all versions starting from 13.7 before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1. A user's primary email may be disclosed to an attacker through group member events webhooks...

CVSS 4.3 · AI score 4.3 · EPSS 0.0019
Exploits 0 · References 5
Positive Technologies
added 2022/10/17 12:0 a.m. · 0 views

PT-2022-21570 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab EE versions 14.9 through 15.2.4; GitLab EE versions 15.3 through 15.3.3; GitLab EE versions 15.4 through 15.4.0. Description: The issue concerns the serialization of sensitive data in GitLab EE, which can lead to the leakage of sensitive...

CVSS 6.5 · AI score 6 · EPSS 0.0033
Exploits 0 · References 11
Vulnrichment
added 2022/10/17 12:0 a.m. · 8 views

CVE-2022-3293

Email addresses were leaked in WebHook logs in GitLab EE affecting all versions from 9.3 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1...

CVSS 3.5 · AI score 6.8 · EPSS 0.00071
Exploits 0 · References 2
CVE
added 2022/10/17 12:0 a.m. · 98 views

CVE-2022-3293

GitLab EE vulnerability CVE-2022-3293: Email addresses were leaked in WebHook logs affecting all versions from 9.3 up to 15.2.5, 15.3 up to 15.3.4, and 15.4 up to 15.4.1. The connected sources confirm the affected product (GitLab EE) and the impact (exposure of email addresses via WebHook logs). ...

CVSS 4.3 · AI score 4.5 · EPSS 0.00071
Exploits 0 · References 2 · Affected Software 1
Vulnrichment
added 2022/10/17 12:0 a.m. · 8 views

CVE-2022-3286

Lack of IP address checking in GitLab EE affecting all versions from 14.2 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 allows a group member to bypass IP restrictions when using a deploy token...

CVSS 5.3 · AI score 6.8 · EPSS 0.00123
Exploits 0 · References 2
CVE
added 2022/10/17 12:0 a.m. · 115 views

CVE-2022-3060

CVE-2022-3060 concerns GitLab CE/EE with an improper control of a resource identifier in Error Tracking. Affected products include GitLab CE/EE versions from 12.7 onward. The root issue allows an authenticated attacker to generate content that could cause a victim to make unintended arbitrary req...

CVSS 7.3 · AI score 6.8 · EPSS 0.00445
Exploits 0 · References 3 · Affected Software 1
Cvelist
added 2022/10/17 12:0 a.m. · 15 views

CVE-2022-3291

Serialization of sensitive data in GitLab EE affecting all versions from 14.9 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 can leak sensitive information via cache...

CVSS 6.5 · AI score 6.4 · EPSS 0.0033
Exploits 0 · References 2
OSV
added 2022/10/17 12:0 a.m. · 16 views

CVE-2022-3331

An issue has been discovered in GitLab EE affecting all versions starting from 14.5 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2. GitLab's Zentao integration has an insecure direct object reference vulnerability that may be exploited ...

CVSS 3.5 · AI score 4.2 · EPSS 0.00174
Exploits 1 · References 5
OSV
added 2022/10/17 12:0 a.m. · 10 views

CVE-2022-3330

It was possible for a guest user to read a todo targeting an inaccessible note in Gitlab CE/EE affecting all versions from 15.0 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1...

CVSS 4.3 · AI score 4.4 · EPSS 0.0012
Exploits 0 · References 4
Positive Technologies
added 2022/10/17 12:0 a.m. · 2 views

PT-2022-21588 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab EE versions 9.3 through 15.2.4; GitLab EE versions 15.3 through 15.3.3; GitLab EE versions 15.4 through 15.4.0. Description: Email addresses were leaked in WebHook logs. The issue affects GitLab EE, with the leak occurring in the logs...

CVSS 4.3 · AI score 4.3 · EPSS 0.00071
Exploits 0 · References 11
Cvelist
added 2022/10/17 12:0 a.m. · 23 views

CVE-2022-3293

Email addresses were leaked in WebHook logs in GitLab EE affecting all versions from 9.3 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1...

CVSS 3.5 · AI score 5 · EPSS 0.00071
Exploits 0 · References 2
Positive Technologies
added 2022/10/17 12:0 a.m. · 2 views

PT-2022-20228 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 14.4 through 15.2.5; GitLab CE/EE versions 15.3 through 15.3.4; GitLab CE/EE versions 15.4 through 15.4.1. Description: An issue in the Import functionality allows an authenticated user to read arbitrary projects' content...

CVSS 6.5 · AI score 6.2 · EPSS 0.00231
Exploits 0 · References 11
Cvelist
added 2022/10/17 12:0 a.m. · 22 views

CVE-2022-2428

A crafted tag in the Jupyter Notebook viewer in GitLab EE/CE affecting all versions before 15.1.6, 15.2 to 15.2.4, and 15.3 to 15.3.2 allows an attacker to issue arbitrary HTTP requests...

CVSS 6.4 · AI score 7.2 · EPSS 0.00181
Exploits 0 · References 3
OSV
added 2022/10/17 12:0 a.m. · 18 views

CVE-2022-3293

Email addresses were leaked in WebHook logs in GitLab EE affecting all versions from 9.3 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1...

CVSS 3.5 · AI score 4.3 · EPSS 0.00071
Exploits 0 · References 4
Debian CVE
added 2022/10/17 12:0 a.m. · 71 views

CVE-2022-2428

Removed by vendor...

CVSS 7.3 · AI score 7.1 · EPSS 0.00181
Exploits 0