Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.9

    MEDIUM
    CVE-2021-22267

    Idelji Web ViewPoint Suite, as used in conjunction with HPE NonStop, allows a remote replay attack for T0320L01^ABP through T0320L01^ABZ, T0952L01^AAH through T0952L01^AAR, T0986L01 through T0986L01^AAF, T0665L01^AAP, and T0662L01^AAP (L) and T0320H01^ABO... Read more

    Affected Products : web_viewpoint nonstop
    • EPSS Score: %0.33
    • Published: Feb. 09, 2021
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2021-22264

    An issue has been discovered in GitLab affecting all versions starting from 13.8 before 14.0.9, all versions starting from 14.1 before 14.1.4, all versions starting from 14.2 before 14.2.2. Under specialized conditions, an invited group member may continu... Read more

    Affected Products : gitlab
    • EPSS Score: %0.14
    • Published: Oct. 05, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-22263

    An issue has been discovered in GitLab affecting all versions starting from 13.0 before 14.0.9, all versions starting from 14.1 before 14.1.4, all versions starting from 14.2 before 14.2.2. A user account with 'external' status which is granted 'Maintaine... Read more

    Affected Products : gitlab
    • EPSS Score: %0.20
    • Published: Oct. 11, 2021
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2021-22262

    Missing access control in all GitLab versions starting from 13.12 before 14.0.9, all versions starting from 14.1 before 14.1.4, and all versions starting from 14.2 before 14.2.2 with Jira Cloud integration enabled allows Jira users without administrative ... Read more

    Affected Products : gitlab
    • EPSS Score: %0.16
    • Published: Oct. 05, 2021
    • Modified: Nov. 21, 2024

  • 7.3

    HIGH
    CVE-2021-22261

    A stored Cross-Site Scripting vulnerability in the Jira integration in all GitLab versions starting from 13.9 before 14.0.9, all versions starting from 14.1 before 14.1.4, and all versions starting from 14.2 before 14.2.2 allows an attacker to execute arb... Read more

    Affected Products : gitlab
    • EPSS Score: %0.33
    • Published: Oct. 05, 2021
    • Modified: Nov. 21, 2024

  • 7.7

    HIGH
    CVE-2021-22260

    A stored Cross-Site Scripting vulnerability in the DataDog integration in all versions of GitLab CE/EE starting from 13.7 before 14.0.9, all versions starting from 14.1 before 14.1.4, and all versions starting from 14.2 before 14.2.2 allows an attacker to... Read more

    Affected Products : gitlab
    • EPSS Score: %0.27
    • Published: Nov. 05, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-22259

    A potential DOS vulnerability was discovered in GitLab EE starting with version 12.6 due to lack of pagination in dependencies API.... Read more

    Affected Products : gitlab
    • EPSS Score: %0.28
    • Published: Oct. 04, 2021
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2021-22258

    The project import/export feature in GitLab 8.9 and greater could be used to obtain otherwise private email addresses... Read more

    Affected Products : gitlab
    • EPSS Score: %0.27
    • Published: Oct. 05, 2021
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-22257

    An issue has been discovered in GitLab affecting all versions starting from 14.0 before 14.0.9, all versions starting from 14.1 before 14.1.4, all versions starting from 14.2 before 14.2.2. The route for /user.keys is not restricted on instances with publ... Read more

    Affected Products : gitlab
    • EPSS Score: %0.22
    • Published: Oct. 05, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-22256

    Improper authorization in GitLab CE/EE affecting all versions since 12.6 allowed guest users to create issues for Sentry errors and track their status... Read more

    Affected Products : gitlab
    • EPSS Score: %0.23
    • Published: Aug. 25, 2021
    • Modified: Nov. 21, 2024

  • 7.7

    HIGH
    CVE-2021-22255

    SSRF in URL file upload in Baserow <1.1.0 allows remote authenticated users to retrieve files from the internal server network exposed over HTTP by inserting an internal address.... Read more

    Affected Products : baserow
    • EPSS Score: %0.22
    • Published: Aug. 20, 2021
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2021-22254

    Under very specific conditions a user could be impersonated using Gitlab shell. This vulnerability affects GitLab CE/EE 13.1 and later through 14.1.2, 14.0.7 and 13.12.9.... Read more

    Affected Products : gitlab
    • EPSS Score: %0.27
    • Published: Aug. 20, 2021
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2021-22253

    Improper authorization in GitLab EE affecting all versions since 13.4 allowed a user who previously had the necessary access to trigger deployments to protected environments under specific conditions after the access has been removed... Read more

    Affected Products : gitlab
    • EPSS Score: %0.31
    • Published: Aug. 23, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-22252

    A confusion between tag and branch names in GitLab CE/EE affecting all versions since 13.7 allowed a Developer to access protected CI variables which should only be accessible to Maintainers... Read more

    Affected Products : gitlab
    • EPSS Score: %0.27
    • Published: Aug. 23, 2021
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2021-22251

    Improper validation of invited users' email address in GitLab EE affecting all versions since 12.2 allowed projects to add members with email address domain that should be blocked by group settings... Read more

    Affected Products : gitlab
    • EPSS Score: %0.22
    • Published: Aug. 23, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-22250

    Improper authorization in GitLab CE/EE affecting all versions since 13.3 allowed users to view and delete impersonation tokens that administrators created for their account... Read more

    Affected Products : gitlab
    • EPSS Score: %0.25
    • Published: Aug. 25, 2021
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2021-22249

    A verbose error message in GitLab EE affecting all versions since 12.2 could disclose the private email address of a user invited to a group... Read more

    Affected Products : gitlab
    • EPSS Score: %0.27
    • Published: Aug. 23, 2021
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-22248

    Improper authorization on the pipelines page in GitLab CE/EE affecting all versions since 13.12 allowed unauthorized users to view some pipeline information for public projects that have access to pipelines restricted to members only... Read more

    Affected Products : gitlab
    • EPSS Score: %0.22
    • Published: Aug. 23, 2021
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2021-22247

    Improper authorization in GitLab CE/EE affecting all versions since 13.0 allows guests in private projects to view CI/CD analytics... Read more

    Affected Products : gitlab
    • EPSS Score: %0.24
    • Published: Aug. 25, 2021
    • Modified: Nov. 21, 2024

  • 7.7

    HIGH
    CVE-2021-22246

    A vulnerability was discovered in GitLab versions before 14.0.2, 13.12.6, 13.11.6. GitLab Webhook feature could be abused to perform denial of service attacks.... Read more

    Affected Products : gitlab
    • EPSS Score: %0.22
    • Published: Aug. 20, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 291558 Results