CVEs with a CVSS Score Greater Than or Equal to 9

Critical vulnerabilities with Common Vulnerability Scoring System scores of 9.0 or higher pose severe risks to organisations' information systems. Timely detection and remediation are essential to minimise economic and reputational damage from cyberattacks. This paper provides a thorough analysis...

MiracleLinux 9 : webkit2gtk3-2.46.5-1.el9_5 (AXSA:2025-9538:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9538:01 advisory. WebKitGTK: Processing maliciously crafted web content may lead to an unexpected process crash CVE-2024-54479 webkit: Processing maliciously crafted...

Vulnerabilities fixed in GitLab

GitLab has fixed vulnerabilities in GitLab CE/EE versions 13.12 to 18.2.8, 18.3 to 18.3.4, and 18.4 to 18.4.2. The vulnerabilities included an issue where specially constructed GraphQL queries could make large repository blobs unresponsive, and a flaw that allowed authenticated users with read-on...

BIT-GITLAB-2025-11340 Incorrect Authorization in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 18.3 to 18.3.4, 18.4 to 18.4.2 that, under certain conditions, could have allowed authenticated users with read-only API tokens to perform unauthorized write operations on vulnerability records by exploiting incorrectly scope...

UBUNTU-CVE-2025-11340

GitLab has remediated an issue in GitLab EE affecting all versions from 18.3 to 18.3.4, 18.4 to 18.4.2 that, under certain conditions, could have allowed authenticated users with read-only API tokens to perform unauthorized write operations on vulnerability records by exploiting incorrectly scope...

CVE-2025-11340

GitLab EE CVE-2025-11340 affects all versions 18.3–18.3.4 and 18.4–18.4.2. The root cause is incorrectly scoped GraphQL mutations that could allow authenticated users with read-only API tokens to perform unauthorized writes to vulnerability records. A patch is available in GitLab EE 18.4.2 (relea...

CVE-2025-11340 Incorrect Authorization in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 18.3 to 18.3.4, 18.4 to 18.4.2 that, under certain conditions, could have allowed authenticated users with read-only API tokens to perform unauthorized write operations on vulnerability records by exploiting incorrectly scope...

EUVD-2025-33333

GitLab has remediated an issue in GitLab EE affecting all versions from 18.3 to 18.3.4, 18.4 to 18.4.2 that, under certain conditions, could have allowed authenticated users with read-only API tokens to perform unauthorized write operations on vulnerability records by exploiting incorrectly scope...

CVE-2025-11340 Incorrect Authorization in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 18.3 to 18.3.4, 18.4 to 18.4.2 that, under certain conditions, could have allowed authenticated users with read-only API tokens to perform unauthorized write operations on vulnerability records by exploiting incorrectly scope...

CVE-2025-26819

creationtimestamp| type| source ---|---|--- 2025-02-14 23:45:37+00:00| seen| https://infosec.exchange/users/cve/statuses/114004901010161747 2025-02-15 00:16:20+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3li6gtpcqld2t 2025-02-15 00:48:27+00:00| seen|...

CVE-2024-11680

creationtimestamp| type| source ---|---|--- 2024-11-21 17:59:45+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/projectsendunauthrce.rb 2024-11-26 09:58:57+00:00| seen| https://infosec.exchange/users/cve/statuses/113548665618022004 2024-11-27...

CVE-2022-42920

creationtimestamp| type| source ---|---|--- 2022-11-28 12:30:49+00:00| seen| https://t.me/cibsecurity/52588 2024-02-07 07:36:30+00:00| seen| https://t.me/ctinow/180551 2024-02-08 11:07:11+00:00| seen| https://t.me/ctinow/181281 2024-02-10 09:07:11+00:00| seen| https://t.me/ctinow/182486 2025-05-1...

编号已被CVE保留

No details are available at this time...

CVE-2022-34918

creationtimestamp| type| source ---|---|--- 2022-07-21 10:35:57+00:00| published-proof-of-concept| https://t.me/proxybar/926 2022-07-21 12:14:33+00:00| published-proof-of-concept| https://t.me/crackcodes/873 2022-07-21 12:17:08+00:00| published-proof-of-concept|...

CVE-2020-8604

creationtimestamp| type| source ---|---|--- 2020-06-22 11:03:34+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/trendmicrowebsecurityexec.rb 2024-10-29 19:01:25+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/1313...

CVE-2008-1117

creationtimestamp| type| source ---|---|--- 2008-03-11 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/5238 2008-03-11 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/4455 2010-11-24 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16339 2018-05-29...