Lucene search
K

850 matches found

Debian CVE
Debian CVE
added 2026/02/11 11:35 a.m.5 views

CVE-2025-7659

Removed by vendor...

9.1CVSS5.8AI score0.00182EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/02/11 11:35 a.m.4 views

CVE-2025-7659

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that could have allowed an unauthenticated user to steal tokens and access private repositories by abusing incomplete validation in the Web IDE...

8CVSS5.5AI score0.00182EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.7 views

GitLab 访问控制错误漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD Continuous Integration and Delivery. Vulnerabilities existed in versions prior to GitLab CE/EE 18.6.6, 18.7....

9.1CVSS5.9AI score0.00182EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/11 12:0 a.m.3 views

CVE-2025-7659

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that could have allowed an unauthenticated user to steal tokens and access private repositories by abusing incomplete validation in the Web IDE...

9.1CVSS5.9AI score0.00182EPSS
Exploits0References4
Patchstack
Patchstack
added 2026/02/10 11:19 p.m.9 views

WordPress IDE Micro code-editor plugin <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'title' Shortcode Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'title' Shortcode Attribute vulnerability discovered by zakaria in WordPress Plugin IDE Micro code-editor versions = 1.0.0...

6.4CVSS5.4AI score0.00227EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.6 views

PT-2026-7528

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 18.2 through 18.6.6 GitLab CE/EE versions 18.7 through 18.7.4 GitLab CE/EE versions 18.8 through 18.8.4 Description An issue exists in GitLab CE/EE related to incomplete validation within the Web IDE. This could allow an...

9.1CVSS5.3AI score0.00182EPSS
Exploits0References16
Spring Security Advisories
Spring Security Advisories
added 2026/01/22 12:0 a.m.8 views

A Bootiful Podcast: Jetbrains legend Dmitry Jemerov

Hi, Spring and IntelliJ IDEA fans! This week we celebrate 25 years of Jetbrains IntelliJ IDEA, and who better to talk to us about its evolution than Dmitry Jemerov, whose been a contributor and developer for the project since 2003!...

5.4AI score
Exploits0
Wiz blog
Wiz blog
added 2026/01/20 2:8 p.m.6 views

From Detection to Remediation: Wiz in Your JetBrains IDE

The Wiz JetBrains IDE plugin is now generally available, enabling developers to fix risks before code leaves their local environment...

5.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 9 : qemu-kvm-8.2.0-11.el9 (AXSA:2024-7897:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7897:02 advisory. QEMU: e1000e: heap use-after-free in e1000ewritepackettoguest CVE-2023-3019 QEMU: VNC: infinite loop in inflatebuffer leads to denial of service...

7CVSS7AI score0.01891EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 7 : qemu-kvm-1.5.3-175.el7.4 (AXSA:2021-1882:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1882:03 advisory. QEMU: ide: atapi: OOB access while processing read commands CVE-2020-29443 Tenable has extracted the preceding description block directly from the MiracleLin...

3.9CVSS6.5AI score0.00369EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/13 10:52 p.m.5 views

CVE-2026-0830

Processing specially crafted workspace folder names could allow for arbitrary command injection in the Kiro GitLab Merge-Request helper in Kiro IDE before version 0.6.18 when opening maliciously crafted workspaces. To mitigate, users should update to the latest version...

8.4CVSS7.6AI score0.01279EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/12 12:0 a.m.6 views

FreeBSD : Gitlab -- vulnerabilities (c9b610e9-eebc-11f0-b051-2cf05da270f3)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the c9b610e9-eebc-11f0-b051-2cf05da270f3 advisory. Gitlab reports: Stored Cross-site Scripting issue in GitLab Flavored Markdown placeholders...

9.6CVSS5.9AI score0.0062EPSS
Exploits0References9
NVD
NVD
added 2026/01/09 9:16 p.m.8 views

CVE-2026-0830

Processing specially crafted workspace folder names could allow for arbitrary command injection in the Kiro GitLab Merge-Request helper in Kiro IDE before version 0.6.18 when opening maliciously crafted workspaces. To mitigate, users should update to the latest version...

8.4CVSS0.01279EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/09 9:10 p.m.5 views

EUVD-2026-1682

Processing specially crafted workspace folder names could allow for arbitrary command injection in the Kiro GitLab Merge-Request helper in Kiro IDE before version 0.6.18 when opening maliciously crafted workspaces. To mitigate, users should update to the latest version...

8.4CVSS7AI score0.01279EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/09 11:23 a.m.6 views

CVE-2021-31900

In JetBrains Code With Me bundled to the compatible IDE versions before 2021.1, a client could open a browser on a host...

5.3CVSS6.9AI score0.00715EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:25 a.m.5 views

CVE-2023-4218

In Eclipse IDE versions 2023-09 4.29 some files with xml content are parsed vulnerable against all sorts of XXE attacks. The user just needs to open any evil project or update an open project with a vulnerable file for example for review a foreign repository or patch...

5CVSS6.8AI score0.00386EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:19 a.m.9 views

CVE-2021-31431

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.5-47309. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw...

6CVSS6.2AI score0.00448EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:19 a.m.26 views

CVE-2021-31432

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.5-47309. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw...

6CVSS6.2AI score0.00448EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/09 12:0 a.m.3 views

Kiro IDE 安全漏洞

Kiro IDE is an integrated development environment from Kiro Open Source. A security vulnerability exists in Kiro IDE versions prior to 0.6.18, which stems from a command injection vulnerability in the handling of specially crafted workspace folder names, which could lead to the execution of...

8.4CVSS7.6AI score0.01279EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/09 12:0 a.m.6 views

PT-2026-2030

Name of the Vulnerable Software and Affected Versions Kiro IDE versions prior to 0.6.18 Description Processing specially crafted workspace folder names could allow for arbitrary command injection in the Kiro GitLab Merge-Request helper. This occurs when opening maliciously crafted workspaces. The...

8.4CVSS7.5AI score0.01279EPSS
Exploits0References12
Rows per page
Query Builder