Writeup Exploits
60,754 exploits tracked across all sources.
GitLab <13.0.12-13.2.3 - Privilege Escalation
For GitLab before 13.0.12, 13.1.6, 13.2.3 after a group transfer occurs, members from a parent group keep their access level on the subgroup leading to improper access.
CVSS 3.1
GitLab 10.8.0-13.0.11 - Cross-Site Scripting via Milestone Title
For GitLab before 13.0.12, 13.1.6, 13.2.3 a cross-site scripting vulnerability exists in the issues list via milestone title.
CVSS 7.3
GitLab 12.9.0-13.0.11 - Cross-Site Scripting in Issue Reference Tooltip
For GitLab before 13.0.12, 13.1.6, 13.2.3 a cross-site scripting (XSS) vulnerability exists in the issue reference number tooltip.
CVSS 7.3
GitLab 12.7.0-13.0.11 - Server-Side Request Forgery via Git Configuration Settings
For GitLab before 13.0.12, 13.1.6, 13.2.3 user controlled git configuration settings can be modified to result in Server Side Request Forgery.
CVSS 6.4
GitLab <13.0.12-13.2.3 - Auth Bypass
In GitLab before 13.0.12, 13.1.6 and 13.2.3, it is possible to bypass E-mail verification which is required for OAuth Flow.
CVSS 9.6
GitLab <13.0.12-13.2.3 - Info Disclosure
In GitLab before 13.0.12, 13.1.6 and 13.2.3 using a branch with a hexadecimal name could override an existing hash.
CVSS 6.3
GitLab <13.0.12-13.2.3 - Info Disclosure
In GitLab before 13.0.12, 13.1.6 and 13.2.3, access grants were not revoked when a user revoked access to an application.
CVSS 4.2
GitLab Runner <13.0.12-13.2.3 - SSRF
For GitLab Runner before 13.0.12, 13.1.6, 13.2.3, by replacing dockerd with a malicious server, the Shared Runner is susceptible to SSRF.
CVSS 5.4
GitLab <13.1.10-13.3.4 - Auth Bypass
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. When 2 factor authentication was enabled for groups, a malicious user could bypass that restriction by sending a specific query to the API endpoint.
CVSS 3.8
GitLab <13.1.10-13.3.4 - Info Disclosure
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Conan package upload functionality was not properly validating the supplied parameters, which resulted in the limited files disclosure.
CVSS 7.2
GitLab < 13.1.10 - Stored Cross-Site Scripting on Standalone Vulnerability Page
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was vulnerable to a stored XSS on the standalone vulnerability page.
CVSS 5.5
GitLab <13.1.10-13.3.4 - Privilege Escalation
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Under certain conditions GitLab was not properly revoking user sessions and allowed a malicious user to access a user account with an old password.
CVSS 3.8
GitLab <13.1.10-13.3.4 - Privilege Escalation
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Same 2 factor Authentication secret code was generated which resulted an attacker to maintain access under certain conditions.
CVSS 3.8
GitLab <13.1.10-13.3.4 - Info Disclosure
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was not invalidating project invitation link upon removing a user from a project.
CVSS 3.5
GitLab < 13.1.10 - Denial of Service via Webhook Rate Limitation Bypass
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab Webhook feature could be abused to perform denial of service attacks due to the lack of rate limitation.
CVSS 3.7
GitLab <13.1.10-13.3.4 - Blind SSRF
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was vulnerable to a blind SSRF attack through the repository mirroring feature.
CVSS 5.4
GitLab Runner < 13.1.3, 13.2.3, 13.3.1 - Denial of Service via Malformed Queries
A vulnerability was discovered in GitLab runner versions before 13.1.3, 13.2.3 and 13.3.1. It was possible to make the gitlab-runner process crash by sending malformed queries, resulting in a denial of service.
CVSS 6.5
GitLab < 13.1.10 - Denial of Service via Profile Activity Page
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. The profile activity page was not restricting the amount of results one could request, potentially resulting in a denial of service.
CVSS 3.7
GitLab 13.1-13.3 - Denial of Service via Release Asset Link Update API
A potential DOS vulnerability was discovered in GitLab versions 13.1, 13.2 and 13.3. The api to update an asset as a link from a release had a regex check which caused exponential number of backtracks for certain user supplied values resulting in high CPU usage.
CVSS 4.3
GitLab 12.10-12.10.12 - Stored Cross-Site Scripting via Group Name
An issue has been discovered in GitLab affecting versions from 12.10 to 12.10.12 that allowed for a stored XSS payload to be added as a group name.
CVSS 7.2
GitLab <12.10.13, 13.0.8, 13.1.2 - XSS
An issue has been discovered in GitLab affecting versions prior to 12.10.13, 13.0.8, 13.1.2. A stored cross-site scripting vulnerability was discovered when editing references.
CVSS 5.4
GitLab < 13.2.10, 13.3.7, 13.4.2 - Stored Cross-Site Scripting in CI Job Log
An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2: Stored XSS in CI Job Log
CVSS 8.7
GitLab 11.2.0-13.4.2 - Unauthorized Custom Project Template Exposure
An issue has been discovered in GitLab affecting all versions starting from 11.2. Unauthorized Users Can View Custom Project Template
CVSS 7.5
Wavlink WL-WN530HG4 M30HG4.V5030.191116 - Remote Code Execution via CGI Script Shell Metacharacter Injection
An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. Multiple shell metacharacter injection vulnerabilities exist in CGI scripts, leading to remote code execution with root privileges.
CVSS 9.8
Wavlink WL-WN530HG4 M30HG4.V5030.191116 - Remote Code Execution via CGI Script Buffer Overflow
An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. Multiple buffer overflow vulnerabilities exist in CGI scripts, leading to remote code execution with root privileges. (The set of affected scripts is similar to CVE-2020-12266.)
CVSS 9.8
By Source