Lucene search

10 matches found

Snyk
added 2026/05/04 7:46 p.m. | 7 views

Allocation of Resources Without Limits or Throttling

Overview: Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the io.Copy process that handles binary import requests. An attacker can exhaust disk space on the host system by continuously streaming large amounts of data to the affected...

CVSS 5.3 | AI score 5.8 | EPSS 0.00017
Exploits 1 | References 2
EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2024-42699

Malicious code in bioql PyPI...

CVSS 6.4 | AI score 6.6 | EPSS 0.00144
Exploits 0 | References 4
EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2024-54473

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 6.3 | EPSS 0.00256
Exploits 0 | References 2
EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2024-42696

Malicious code in bioql PyPI...

CVSS 6 | AI score 6.6 | EPSS 0.00144
Exploits 0 | References 3
OSV
added 2025/05/13 6:11 a.m. | 6 views

BIT-GITLAB-2024-8973 Allocation of Resources Without Limits or Throttling in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to 17.9.8, from 17.10 prior to 17.10.6, and from 17.11 prior to 17.11.2. It was possible to cause a DoS condition via GitHub import requests using a malicious crafted payload...

CVSS 7.5 | AI score 6 | EPSS 0.00256
Exploits 0 | References 3
RedhatCVE
added 2025/05/11 5:6 p.m. | 26 views

CVE-2024-8973

An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to 17.9.8, from 17.10 prior to 17.10.6, and from 17.11 prior to 17.11.2. It was possible to cause a DoS condition via GitHub import requests using a malicious crafted payload...

CVSS 7.5 | AI score 6.4 | EPSS 0.00256
Exploits 0 | References 1
NVD
added 2025/05/09 5:15 p.m. | 17 views

CVE-2024-8973

An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to 17.9.8, from 17.10 prior to 17.10.6, and from 17.11 prior to 17.11.2. It was possible to cause a DoS condition via GitHub import requests using a malicious crafted payload...

CVSS 7.5 | EPSS 0.00256
Exploits 0 | References 2
Snyk
added 2024/10/09 6:45 p.m. | 2 views

Improper Ownership Management

Overview: Affected versions of this package are vulnerable to Improper Ownership Management due to the storage and comparison of local actor IDs in the database. An attacker can impersonate another user and manipulate import requests by exploiting coinciding actor IDs across different wikis. Note:...

CVSS 6.4 | AI score 6.6 | EPSS 0.00144
Exploits 0 | References 2
OSV
added 2024/10/09 6:19 p.m. | 10 views

CVE-2024-47816 Users can impersonate import requesters if their actor IDs coincide in ImportDump

ImportDump is a MediaWiki extension designed to automate user import requests. A user's local actor ID is stored in the database to tell who made what requests. Therefore, if a user on another wiki happens to have the same actor ID as someone on the central wiki, the user on the other wiki can ac...

CVSS 6.4 | AI score 6.5 | EPSS 0.00144
Exploits 0 | References 6
Vulnrichment
added 2024/10/09 6:12 p.m. | 11 views

CVE-2024-47812 Cross-site Scripting (XSS) on Special:RequestImportQueue when displaying request date in ImportDump

ImportDump is an extension for MediaWiki designed to automate user import requests. Anyone who can edit the interface strings of a wiki (typically administrators and interface admins) can embed XSS payloads in the messages for dates, and thus XSS anyone who views Special:RequestImportQueue. This...

CVSS 6 | AI score 6.1 | EPSS 0.00144
Exploits 0 | References 3