11 matches found

UbuntuCve
added 2025/10/29 7:15 a.m. | 2 views

CVE-2025-11702

GitLab has remediated an issue in EE affecting all versions from 17.1 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an authenticated attacker with specific permissions to hijack project runners from other projects...

CVSS 8.8 | AI score 7.3 | EPSS 0.00013 | Exploits 0 | References 1
UbuntuCve
added 2025/10/09 12:15 p.m. | 2 views

CVE-2025-11340

GitLab has remediated an issue in GitLab EE affecting all versions from 18.3 to 18.3.4, 18.4 to 18.4.2 that, under certain conditions, could have allowed authenticated users with read-only API tokens to perform unauthorized write operations on vulnerability records by exploiting incorrectly scope...

CVSS 7.7 | AI score 5.9 | EPSS 0.00014 | Exploits 0 | References 3
UbuntuCve
added 2025/07/24 7:15 a.m. | 1 view

CVE-2025-7001

An issue has been discovered in GitLab CE/EE affecting all versions from 15.0 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that could have allowed privileged users to access certain resourcegroup information through the API which should have been unavailable...

CVSS 4.3 | AI score 5.8 | EPSS 0.00065 | Exploits 0 | References 1
UbuntuCve
added 2025/02/13 1:15 a.m. | 6 views

CVE-2024-8266

An issue was discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to 17.6.0, which allows an attacker with maintainer role to trigger a pipeline as project owner under certain circumstances...

CVSS 6.6 | AI score 5.9 | EPSS 0.00061 | Exploits 1 | References 3
UbuntuCve
added 2025/02/07 12:0 a.m. | 7 views

CVE-2025-1072

A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all versions starting from 7.14.1 prior to 17.3.7, 17.4 prior to 17.4.4, and 17.5 prior to 17.5.2. A denial of service could occur upon importing maliciously crafted content using the Fogbugz importer...

CVSS 6.5 | AI score 5.7 | EPSS 0.00177 | Exploits 0 | References 4
UbuntuCve
added 2025/01/31 12:0 a.m. | 7 views

CVE-2023-6195

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.5 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. GitLab was vulnerable to Server Side Request Forgery when an attacker uses a malicious URL in the markdown image...

CVSS 4.3 | AI score 5.8 | EPSS 0.00054 | Exploits 1 | References 3
OSSF Malicious Packages
added 2025/01/30 4:55 p.m. | 0 views

Malicious code in package-maintenance (npm)

The package communicates with a domain associated with malicious activity.

AI score 6.9 | Exploits 0
OSV
added 2025/01/30 4:55 p.m. | 4 views

MAL-2025-679 Malicious code in package-maintenance (npm)

The package communicates with a domain associated with malicious activity.

AI score 7.1 | Exploits 0
UbuntuCve
added 2024/10/11 1:15 p.m. | 9 views

CVE-2024-8970

An issue was discovered in GitLab CE/EE affecting all versions starting from 11.6 prior to 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2, which allows an attacker to trigger a pipeline as another user under certain circumstances...

CVSS 8.8 | AI score 6.1 | EPSS 0.00067 | Exploits 0 | References 3
Fedora
added 2018/09/20 7:13 p.m. | 32 views

[SECURITY] Fedora 28 Update: devscripts-2.18.4-1.fc28

Scripts to make the life of a Debian Package maintainer easier...

CVSS 9.8 | AI score 2.6 | EPSS 0.01212 | Exploits 0
OpenVAS
added 2010/09/22 12:0 a.m. | 27 views

Ubuntu: Security Advisory (USN-986-1)

The remote host is missing an update for the...

CVSS 5.1 | AI score 6.6 | EPSS 0.07688 | Exploits 0 | References 2