CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-26262

Malware in sbrugna...

8.7CVSS7.2AI score0.01EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-53885

Malicious code in bioql PyPI...

8.7CVSS6.3AI score0.00431EPSS

Exploits0References2

OSV•added 2025/02/11 7:26 a.m.•7 views

BIT-GITLAB-2024-10383 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab VSCode Fork

An issue has been discovered in the gitlab-web-ide-vscode-fork component distributed over CDN affecting all versions prior to 1.89.1 and used by all versions of GitLab CE/EE starting from 15.11 prior to 17.3 and which also temporarily affected versions 17.4, 17.5 and 17.6, where a XSS attack was...

8.7CVSS5.7AI score0.00431EPSS

Exploits0References3

RedhatCVE•added 2025/02/09 2:16 p.m.•3 views

CVE-2024-10383

An issue has been discovered in the gitlab-web-ide-vscode-fork component distributed over CDN affecting all versions prior to 1.89.1-1.0.0-dev-20241118094343and used by all versions of GitLab CE/EE starting from 15.11 prior to 17.3 and which also temporarily affected versions 17.4, 17.5 and 17.6,...

8.7CVSS5.7AI score0.00431EPSS

Exploits0References1

NVD•added 2025/02/07 3:15 p.m.•10 views

CVE-2024-10383

8.7CVSS0.00431EPSS

Exploits0References2

Cvelist•added 2025/02/07 2:12 p.m.•13 views

CVE-2024-10383 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab VSCode Fork

8.7CVSS0.00431EPSS

Exploits0References2

CVE•added 2025/02/07 2:12 p.m.•86 views

CVE-2024-10383

The CVE-2024-10383 entry concerns the gitlab-web-ide-vscode-fork component distributed over CDN. Affected versions include all prior to 1.89.1-1.0.0-dev-20241118094343 and used by GitLab CE/EE from 15.11 up to 17.3, with temporary impact on 17.4–17.6. The issue is described as a Cross-Site Script...

8.7CVSS5.9AI score0.00431EPSS

Exploits0References2Affected Software1

Positive Technologies•added 2025/02/07 12:0 a.m.•1 views

PT-2025-5974 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions prior to 17.3 GitLab CE/EE versions 17.4, 17.5, and 17.6 gitlab-web-ide-vscode-fork versions prior to 1.89.1-1.0.0-dev-20241118094343 Description: An issue has been discovered in the gitlab-web-ide-vscode-fork component,...

8.7CVSS6AI score0.00431EPSS

Exploits0References12

RedhatCVE•added 2025/02/06 3:52 a.m.•6 views

CVE-2021-39906

Improper validation of ipynb files in GitLab CE/EE version 13.5 and above allows an attacker to execute arbitrary JavaScript code on the victim's behalf...

8.7CVSS7.1AI score0.01EPSS

Exploits0References1

Veracode•added 2023/08/06 8:6 p.m.•24 views

Cross-site Scripting (XSS)

gitlab is vulnerable to Cross-site Scripting XSS. The vulnerability exists due to the improper validation in the ipynb files of the library, which allows an attacker to inject and execute malicious javascript...

8.7CVSS6.5AI score0.01EPSS

Exploits0References4Affected Software1

OSV•added 2021/11/05 12:15 a.m.•15 views

CVE-2021-39906

Improper validation of ipynb files in GitLab CE/EE version 13.5 and above allows an attacker to execute arbitrary JavaScript code on the victim's behalf...

6.1CVSS7.1AI score0.01EPSS

Exploits0References3