Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-24600

Malicious code in bioql PyPI...

8.7CVSS6.5AI score0.00289EPSS
Exploits0References2
OSV
OSV
added 2025/08/18 8:34 a.m.5 views

BIT-GITLAB-2025-6186 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users to achieve account takeover by injecting malicious HTML into work item names...

8.7CVSS6.4AI score0.00289EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/08/15 5:30 p.m.3 views

CVE-2025-6186

An issue has been discovered in GitLab CE/EE affecting all versions from 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users to achieve account takeover by injecting malicious HTML into work item names...

8.7CVSS6.5AI score0.00289EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/14 12:0 a.m.6 views

GitLab 18.1 < 18.1.4 / 18.2 < 18.2.2 (CVE-2025-6186)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions from 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users to achieve account takeover by injecting...

8.7CVSS5.9AI score0.00289EPSS
Exploits0References4
OSV
OSV
added 2025/08/13 6:15 p.m.3 views

UBUNTU-CVE-2025-6186

An issue has been discovered in GitLab CE/EE affecting all versions from 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users to achieve account takeover by injecting malicious HTML into work item names...

8.7CVSS5.8AI score0.00289EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/08/13 5:26 p.m.8 views

CVE-2025-6186 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users to achieve account takeover by injecting malicious HTML into work item names...

8.7CVSS0.00289EPSS
Exploits0References2
CVE
CVE
added 2025/08/13 5:26 p.m.55 views

CVE-2025-6186

CVE-2025-6186 affects GitLab CE/EE: all versions from 18.1 before 18.1.4 and 18.2 before 18.2.2. The issue allows authenticated users to potentially take over accounts by injecting malicious HTML into work item names. Connected sources (OSV entries) confirm the same description and affected versi...

8.7CVSS6.5AI score0.00289EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2025/08/13 5:26 p.m.3 views

CVE-2025-6186 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users to achieve account takeover by injecting malicious HTML into work item names...

8.7CVSS6.6AI score0.00289EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/08/13 12:0 a.m.3 views

PT-2025-33054 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 18.1 through 18.1.4 GitLab CE/EE versions 18.2 through 18.2.2 Description: An issue exists in GitLab CE/EE that allows authenticated users to take control of accounts by injecting malicious HTML into work item names...

8.7CVSS6AI score0.00289EPSS
Exploits0References11
Rows per page
Query Builder