Lucene search
+L

36 matches found

nessus
nessus
added 2026/07/09 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-11827

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab EE affecting all versions from 9.5 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain...

4.9CVSS6.2AI score0.00255EPSS
Exploits0References2
cvelist
cvelist
added 2026/07/08 8:46 p.m.35 views

CVE-2026-11827 Insufficiently Protected Credentials in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 9.5 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with maintainer-role permissions to obtain another user's stored credentials due to imprope...

4.9CVSS0.00255EPSS
Exploits0References3
euvd
euvd
added 2026/07/08 8:46 p.m.6 views

EUVD-2026-42404

GitLab has remediated an issue in GitLab EE affecting all versions from 9.5 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with maintainer-role permissions to obtain another user's stored credentials due to imprope...

4.9CVSS6AI score0.00255EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/07/08 12:0 a.m.12 views

PT-2026-56587

Name of the Vulnerable Software and Affected Versions GitLab EE versions 9.5 through 18.11.6 GitLab EE versions 19.0 through 19.0.3 GitLab EE versions 19.1 through 19.1.1 Description Improper authorization controls could allow an authenticated user with maintainer-role permissions to obtain the...

4.9CVSS6.1AI score0.00255EPSS
Exploits0References6
nvd
nvd
added 2026/06/25 5:16 a.m.12 views

CVE-2026-12635

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.3 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with maintainer-role permissions to make requests to internal network resources through...

3.1CVSS0.00161EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/06/25 4:33 a.m.6 views

CVE-2026-12635

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.3 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with maintainer-role permissions to make requests to internal network resources through...

5.9AI score0.00161EPSS
Exploits0References3Affected Software1
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-44168

Malicious code in bioql PyPI...

5.4CVSS5.4AI score0.00322EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-9409

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.0106EPSS
Exploits1References3
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-4923

Malicious code in bioql PyPI...

6.6CVSS6.3AI score0.00428EPSS
Exploits1References3
nessus
nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-1981

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab EE affecting all versions starting from 12.2 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1. In GitLab,...

3.5CVSS4.9AI score0.00738EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/05/23 2:12 a.m.9 views

CVE-2023-3509

An issue has been discovered in GitLab affecting all versions before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. It was possible for group members with sub-maintainer role to change the title of privately accessible deploy keys associated...

5.4CVSS6.5AI score0.00322EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 8:47 p.m.7 views

CVE-2021-22263

An issue has been discovered in GitLab affecting all versions starting from 13.0 before 14.0.9, all versions starting from 14.1 before 14.1.4, all versions starting from 14.2 before 14.2.2. A user account with 'external' status which is granted 'Maintainer' role on any project on the GitLab...

6.5CVSS6.9AI score0.0106EPSS
Exploits1References1
osv
osv
added 2025/02/17 7:14 p.m.30 views

BIT-GITLAB-2024-8266 Execution with Unnecessary Privileges in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to 17.6.0, which allows an attacker with maintainer role to trigger a pipeline as project owner under certain circumstances...

6.6CVSS4.2AI score0.00428EPSS
Exploits1References3
redhatcve
redhatcve
added 2025/02/15 1:25 a.m.11 views

CVE-2024-8266

An issue was discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to 17.6.0, which allows an attacker with maintainer role to trigger a pipeline as project owner under certain circumstances...

6.6CVSS6.2AI score0.00428EPSS
Exploits1References1
nvd
nvd
added 2025/02/13 1:15 a.m.34 views

CVE-2024-8266

An issue was discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to 17.6.0, which allows an attacker with maintainer role to trigger a pipeline as project owner under certain circumstances...

6.6CVSS0.00428EPSS
Exploits1References2
debiancve
debiancve
added 2025/02/13 12:54 a.m.44 views

CVE-2024-8266

Removed by vendor...

6.6CVSS5.8AI score0.00428EPSS
Exploits1
vulnrichment
vulnrichment
added 2025/02/13 12:54 a.m.12 views

CVE-2024-8266 Execution with Unnecessary Privileges in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to 17.6.0, which allows an attacker with maintainer role to trigger a pipeline as project owner under certain circumstances...

4.4CVSS6.5AI score0.00428EPSS
Exploits1References2
osv
osv
added 2025/02/13 12:54 a.m.6 views

CVE-2024-8266 Execution with Unnecessary Privileges in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to 17.6.0, which allows an attacker with maintainer role to trigger a pipeline as project owner under certain circumstances...

4.4CVSS6.4AI score0.00428EPSS
Exploits1References5
ptsecurity
ptsecurity
added 2025/02/13 12:0 a.m.8 views

PT-2025-6770 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 17.1 through 17.5 Description: An issue was discovered in GitLab CE/EE, which allows an attacker with a maintainer role to trigger a pipeline as the project owner under certain circumstances. Recommendations: For version...

6.6CVSS6.5AI score0.00428EPSS
Exploits1References12
veracode
veracode
added 2024/08/01 5:55 a.m.23 views

Improper Permission Validation

github.com/goharbor/harbor is vulnerable to Improper Permission Validation. The vulnerability is due to the failure to validate maintainer role permissions when updating project configurations. Attackers can exploit this by sending requests to create, update, or delete metadata in a project they ...

6.4CVSS6.7AI score0.00368EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder