Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.1

    HIGH
    CVE-2023-4232

    A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_status_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious ... Read more

    Affected Products : fedora ofono
    • Published: Apr. 17, 2024
    • Modified: Aug. 06, 2025

  • 7.5

    HIGH
    CVE-2024-9631

    An issue was discovered in GitLab CE/EE affecting all versions starting from 13.6 prior to 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2, where viewing diffs of MR with conflicts can be slow.... Read more

    Affected Products : gitlab
    • Published: Feb. 05, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Denial of Service

  • 5.4

    MEDIUM
    CVE-2024-5528

    An issue was discovered in GitLab CE/EE affecting all versions prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows a subdomain takeover in GitLab Pages.... Read more

    Affected Products : gitlab
    • Published: Feb. 05, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Misconfiguration

  • 4.4

    MEDIUM
    CVE-2024-6356

    An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2, which allowed cross project access for Security policy bot.... Read more

    Affected Products : gitlab
    • Published: Feb. 05, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Authorization

  • 5.3

    MEDIUM
    CVE-2024-1539

    An issue has been discovered in GitLab EE affecting all versions starting from 15.2 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. It was possible to disclose updates to issues to a banned group member usi... Read more

    Affected Products : gitlab
    • Published: Feb. 05, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Information Disclosure

  • 5.3

    MEDIUM
    CVE-2025-1198

    An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 meant that long-lived connections in ActionCable potentially allowed revoked Personal Access Tokens access to streaming r... Read more

    Affected Products : gitlab
    • Published: Feb. 13, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Authentication

  • 6.6

    MEDIUM
    CVE-2024-8266

    An issue was discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to 17.6.0, which allows an attacker with maintainer role to trigger a pipeline as project owner under certain circumstances.... Read more

    Affected Products : gitlab
    • Published: Feb. 13, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Authorization

  • 9.6

    CRITICAL
    CVE-2024-7102

    An issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.5.0 which allows an attacker to trigger a pipeline as another user under certain circumstances.... Read more

    Affected Products : gitlab
    • Published: Feb. 13, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Authorization

  • 4.3

    MEDIUM
    CVE-2025-0516

    Improper Authorization in GitLab CE/EE affecting all versions from 17.7 prior to 17.7.4, 17.8 prior to 17.8.2 allow users with limited permissions to perform unauthorized actions on critical project data.... Read more

    Affected Products : gitlab
    • Published: Feb. 12, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Authorization

  • 8.8

    HIGH
    CVE-2024-9870

    An external service interaction vulnerability in GitLab EE affecting all versions from 15.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to send requests from the GitLab server to unintended services.... Read more

    Affected Products : gitlab
    • Published: Feb. 12, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Server-Side Request Forgery

  • 7.5

    HIGH
    CVE-2025-1212

    An information disclosure vulnerability in GitLab CE/EE affecting all versions from 8.3 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to send a crafted request to a backend server to reveal sensitive information.... Read more

    Affected Products : gitlab
    • Published: Feb. 12, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Information Disclosure

  • 7.5

    HIGH
    CVE-2025-1042

    An insecure direct object reference vulnerability in GitLab EE affecting all versions from 15.7 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to view repositories in an unauthorized way.... Read more

    Affected Products : gitlab
    • Published: Feb. 12, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Authorization

  • 8.7

    HIGH
    CVE-2025-0376

    An XSS vulnerability exists in GitLab CE/EE affecting all versions from 13.3 prior to 17.6.5, 17.7 prior to 17.7.4 and 17.8 prior to 17.8.2 that allows an attacker to execute unauthorized actions via a change page.... Read more

    Affected Products : gitlab
    • Published: Feb. 12, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Cross-Site Scripting

  • 2.7

    LOW
    CVE-2024-7296

    An issue was discovered in GitLab EE affecting all versions from 16.5 prior to 17.7.7, 17.8 prior to 17.8.5, and 17.9 prior to 17.9.2 which allowed a user with a custom permission to approve pending membership requests beyond the maximum number of allowe... Read more

    Affected Products : gitlab
    • Published: Mar. 13, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Authorization

  • 6.5

    MEDIUM
    CVE-2024-13054

    An issue was discovered in GitLab CE/EE affecting all versions before 17.7.7, 17.8 prior to 17.8.5, and 17.9 prior to 17.9.2. where a denial of service vulnerability could allow an attacker to cause a system reboot under certain conditions.... Read more

    Affected Products : gitlab
    • Published: Mar. 13, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2024-12380

    An issue was discovered in GitLab EE/CE affecting all versions starting from 11.5 before 17.7.7, all versions starting from 17.8 before 17.8.5, all versions starting from 17.9 before 17.9.2. Certain user inputs in repository mirroring settings could poten... Read more

    Affected Products : gitlab
    • Published: Mar. 13, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Information Disclosure

  • 4.3

    MEDIUM
    CVE-2025-2045

    Improper authorization in GitLab EE affecting all versions from 17.7 prior to 17.7.6, 17.8 prior to 17.8.4, 17.9 prior to 17.9.1 allow users with limited permissions to access to potentially sensitive project analytics data.... Read more

    Affected Products : gitlab
    • Published: Mar. 06, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Authorization

  • 4.2

    MEDIUM
    CVE-2025-1540

    An issue has been discovered in GitLab CE/EE for Self-Managed and Dedicated instances affecting all versions from 17.5 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2. It was possible for a user added as an External to read and clone inter... Read more

    Affected Products : gitlab
    • Published: Mar. 06, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Authorization

  • 6.4

    MEDIUM
    CVE-2024-3303

    An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 17.6.5, starting from 17.7 prior to 17.7.4, and starting from 17.8 prior to 17.8.2, which allows an attacker to exfiltrate contents of a private issue using prompt inj... Read more

    Affected Products : gitlab
    • Published: Feb. 13, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Information Disclosure

  • 6.7

    MEDIUM
    CVE-2025-50200

    RabbitMQ is a messaging and streaming broker. In versions 3.13.7 and prior, RabbitMQ is logging authorization headers in plaintext encoded in base64. When querying RabbitMQ api with HTTP/s with basic authentication it creates logs with all headers in requ... Read more

    Affected Products : rabbitmq rabbitmq_server
    • Published: Jun. 19, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Information Disclosure
Showing 20 of 291394 Results