CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

52 matches found

Snyk•added 2026/05/21 7:35 a.m.•5 views

Access Control Bypass

Overview mlflow is a platform to streamline machine learning development, including tracking experiments, packaging code into reproducible runs, and sharing and deploying models. Affected versions of this package are vulnerable to Access Control Bypass via the SearchModelVersions REST API endpoin...

7.1CVSS6.7AI score0.00023EPSS

Exploits1References2

Snyk•added 2026/03/07 6:44 p.m.•0 views

Incorrect Authorization

Overview parse-server is a version of the Parse backend that can be deployed to any infrastructure that can run Node.js. Affected versions of this package are vulnerable to Incorrect Authorization via the type query nested inside inline fragments when public introspection is disabled. An attacker...

6.9CVSS5.8AI score0.00019EPSS

Exploits0References2

Snyk•added 2026/01/24 12:51 a.m.•7 views

Authorization Bypass Through User-Controlled Key

Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the order GraphQL query. An attacker can access sensitive information, including personally identifiable information PII, by sending unauthorized queries to the API. Workaround This...

8.7CVSS5.9AI score0.00018EPSS

Exploits0References2

RedhatCVE•added 2026/01/07 9:54 a.m.•17 views

CVE-2025-1110

An issue has been discovered in GitLab CE/EE affecting all versions from 18.0 before 18.0.1. In certain circumstances, a user with limited permissions could access Job Data via a crafted GraphQL query...

4.3CVSS6.4AI score0.0003EPSS

Exploits0References1

CNNVD•added 2025/12/22 12:0 a.m.•2 views

Hasura GraphQL Engine 安全漏洞

Hasura GraphQL Engine is a very fast GraphQL server from Hasura Open Source. A security vulnerability exists in Hasura GraphQL Engine version 1.3.3 that stems from a malicious GraphQL query that could lead to a denial of service attack...

8.7CVSS6.5AI score0.00131EPSS

Exploits1References3

CNNVD•added 2025/12/11 12:0 a.m.•2 views

GitLab Enterprise Edition（EE）和GitLab Community Edition（CE）安全漏洞

GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition is a content management system. A security vulnerability in GitLab Enterprise Edition EE and GitLab Community Edition ...

7.5CVSS7.5AI score0.00105EPSS

Exploits0References4

OSV•added 2025/11/21 6:15 a.m.•0 views

UBUNTU-CVE-2025-9825

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.7 to 18.2.8, 18.3 before 18.3.4, and 18.4 before 18.4.2 that could have allowed authenticated users without project membership to view sensitive manual CI/CD variables by querying the GraphQL API...

6.5CVSS5.8AI score0.00008EPSS

Exploits1References2

CNNVD•added 2025/10/09 12:0 a.m.•14 views

GitLab 安全漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. in the United States, with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. A security vulnerability exists in GitLab CE and EE...

7.5CVSS6.7AI score0.0005EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-5594

Malware in sbrugna...

7.5CVSS7.4AI score0.00174EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-22905