Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.3

    MEDIUM
    CVE-2021-22188

    An issue has been discovered in GitLab affecting all versions starting with 13.0. Confidential issue titles in Gitlab were readable by an unauthorised user via branch logs.... Read more

    Affected Products : gitlab
    • EPSS Score: %0.33
    • Published: Mar. 03, 2021
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2021-22187

    An issue has been discovered in GitLab affecting all versions of Gitlab EE/CE before 13.6.7. A potential resource exhaustion issue that allowed running or pending jobs to continue even after project was deleted.... Read more

    Affected Products : gitlab
    • EPSS Score: %0.17
    • Published: Mar. 02, 2021
    • Modified: Nov. 21, 2024

  • 4.9

    MEDIUM
    CVE-2021-22186

    An authorization issue in GitLab CE/EE version 9.4 and up allowed a group maintainer to modify group CI/CD variables which should be restricted to group owners... Read more

    Affected Products : gitlab
    • EPSS Score: %0.17
    • Published: Mar. 24, 2021
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2021-22185

    Insufficient input sanitization in wikis in GitLab version 13.8 and up allows an attacker to exploit a stored cross-site scripting vulnerability via a specially-crafted commit to a wiki... Read more

    Affected Products : gitlab
    • EPSS Score: %0.17
    • Published: Mar. 24, 2021
    • Modified: Nov. 21, 2024

  • 6.2

    MEDIUM
    CVE-2021-22184

    An information disclosure issue in GitLab starting from version 12.8 allowed a user with access to the server logs to see sensitive information that wasn't properly redacted.... Read more

    Affected Products : gitlab
    • EPSS Score: %0.07
    • Published: Mar. 26, 2021
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2021-22183

    An issue has been discovered in GitLab affecting all versions starting with 11.8. GitLab was vulnerable to a stored XSS in the epics page, which could be exploited with user interactions.... Read more

    Affected Products : gitlab
    • EPSS Score: %0.18
    • Published: Mar. 04, 2021
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2021-22182

    An issue has been discovered in GitLab affecting all versions starting with 13.7. GitLab was vulnerable to a stored XSS in merge request.... Read more

    Affected Products : gitlab
    • EPSS Score: %0.14
    • Published: Mar. 03, 2021
    • Modified: Nov. 21, 2024

  • 7.7

    HIGH
    CVE-2021-22181

    A denial of service vulnerability in GitLab CE/EE affecting all versions since 11.8 allows an attacker to create a recursive pipeline relationship and exhaust resources.... Read more

    Affected Products : gitlab
    • EPSS Score: %0.17
    • Published: Jun. 11, 2021
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2021-22180

    An issue has been discovered in GitLab affecting all versions starting from 13.4. Improper access control allows unauthorized users to access details on analytic pages.... Read more

    Affected Products : gitlab
    • EPSS Score: %0.14
    • Published: Mar. 26, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-22179

    A vulnerability was discovered in GitLab versions before 12.2. GitLab was vulnerable to a SSRF attack through the Outbound Requests feature.... Read more

    Affected Products : gitlab
    • EPSS Score: %0.31
    • Published: Mar. 24, 2021
    • Modified: Nov. 21, 2024

  • 5.0

    MEDIUM
    CVE-2021-22178

    An issue has been discovered in GitLab affecting all versions starting from 13.2. Gitlab was vulnerable to SRRF attack through the Prometheus integration.... Read more

    Affected Products : gitlab
    • EPSS Score: %0.28
    • Published: Mar. 24, 2021
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2021-22177

    Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command.... Read more

    Affected Products : gitlab
    • EPSS Score: %0.16
    • Published: Apr. 01, 2021
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2021-22176

    An issue has been discovered in GitLab affecting all versions starting with 3.0.1. Improper access control allows demoted project members to access details on authored merge requests... Read more

    Affected Products : gitlab
    • EPSS Score: %0.33
    • Published: Mar. 24, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-22175

    When requests to the internal network for webhooks are enabled, a server-side request forgery vulnerability in GitLab affecting all versions starting from 10.5 was possible to exploit for an unauthenticated attacker even on a GitLab instance where registr... Read more

    Affected Products : gitlab
    • EPSS Score: %35.72
    • Published: Jun. 11, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-22174

    Crash in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file... Read more

    Affected Products : fedora wireshark zfs_storage_appliance
    • EPSS Score: %1.08
    • Published: Feb. 17, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-22173

    Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file... Read more

    Affected Products : fedora wireshark zfs_storage_appliance
    • EPSS Score: %0.95
    • Published: Feb. 17, 2021
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2021-22172

    Improper authorization in GitLab 12.8+ allows a guest user in a private project to view tag data that should be inaccessible on the releases page... Read more

    Affected Products : gitlab
    • EPSS Score: %0.26
    • Published: Mar. 26, 2021
    • Modified: Nov. 21, 2024

  • 7.3

    HIGH
    CVE-2021-22171

    Insufficient validation of authentication parameters in GitLab Pages for GitLab 11.5+ allows an attacker to steal a victim's API token if they click on a maliciously crafted link... Read more

    Affected Products : gitlab
    • EPSS Score: %0.12
    • Published: Jan. 15, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-22170

    Assuming a database breach, nonce reuse issues in GitLab 11.6+ allows an attacker to decrypt some of the database's encrypted content... Read more

    Affected Products : gitlab
    • EPSS Score: %0.07
    • Published: Dec. 06, 2021
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2021-22169

    An issue was identified in GitLab EE 13.4 or later which leaked internal IP address via error messages.... Read more

    Affected Products : gitlab
    • EPSS Score: %0.20
    • Published: Mar. 24, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 290943 Results