
9 matches found

Cvelist
added 2025/10/09 12:4 p.m., 6 views

CVE-2025-10004 Allocation of Resources Without Limits or Throttling in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.12 to 18.2.8, 18.3 to 18.3.4, and 18.4 to 18.4.2 that could make the GitLab instance unresponsive or severely degraded by sending crafted GraphQL queries requesting large repository blobs...

CVSS 7.5, EPSS 0.00485
Exploits: 0, References: 3

Tenable Nessus
added 2024/05/17 12:0 a.m., 17 views

GitLab 13.9 < 13.11.6 / 13.12 < 13.12.6 / 14.0 < 14.0.2 (CVE-2021-22226)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Under certain conditions, some users were able to push to protected branches that were restricted to deploy keys in GitLab CE/EE since version 13.9 (CVE-2021-22226). Note that Nessus has not tested for...

CVSS 6.5, AI score 6.5, EPSS 0.00922
Exploits: 0, References: 3

Tenable Nessus
added 2024/01/03 12:0 a.m., 30 views

GitLab 11.9 < 13.11.6 / 13.12 < 13.12.6 / 14.0 < 14.0.2 (CVE-2021-22223)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Client-Side code injection through Feature Flag name in GitLab CE/EE starting with 11.9 allows a specially crafted feature flag name to PUT requests on behalf of other users via clicking on a link...

CVSS 6.1, AI score 6.4, EPSS 0.00949
Exploits: 0, References: 4

NVD
added 2023/09/01 11:15 a.m., 16 views

CVE-2022-4343

An issue has been discovered in GitLab EE affecting all versions starting from 13.12 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 in which a project member can leak credentials stored in site profile...

CVSS 5, AI score 4.8, EPSS 0.00393
Exploits: 0, References: 2

OSV
added 2023/08/17 11:59 a.m., 5 views

SUSE-SU-2023:3344-1 Security update for postgresql15

This update for postgresql15 fixes the following issues: - Update to 13.12 - CVE-2023-39417: Fixed potential SQL injection for trusted extensions. bsc1214059...

CVSS 8.8, AI score 9.3, EPSS 0.01572
Exploits: 0, References: 3

Prion
added 2023/08/03 5:15 a.m., 29 views

Design/Logic Flaw

An issue has been discovered in GitLab EE affecting all versions starting from 13.12 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was possible for an attacker to run pipeline jobs as an arbitrary user via scheduled security scan...

CVSS 4, AI score 7.8, EPSS 0.00878
Exploits: 1, References: 2, Affected Software: 1

OSV
added 2021/08/23 8:15 p.m., 0 views

UBUNTU-CVE-2021-22248

Improper authorization on the pipelines page in GitLab CE/EE affecting all versions since 13.12 allowed unauthorized users to view some pipeline information for public projects that have access to pipelines restricted to members only...

CVSS 5.3, AI score 5.8, EPSS 0.01051
Exploits: 0, References: 4

Cvelist
added 2021/07/07 11:26 a.m., 19 views

CVE-2021-22224

A cross-site request forgery vulnerability in the GraphQL API in GitLab since version 13.12 and before versions 13.12.6 and 14.0.2 allowed an attacker to call mutations as the victim...

CVSS 7.1, AI score 6.8, EPSS 0.00893
Exploits: 0, References: 3

Debian CVE
added 2021/07/07 11:26 a.m., 29 views

CVE-2021-22224

Removed by vendor...

CVSS 7.1, AI score 6.8, EPSS 0.00893
Exploits: 0