Search CVE reports

Toggle filters

151 – 160 of 33695 results

Status is adjusted based on your filters.

CVE-2026-1516

Medium priority

Not in release

GitLab has remediated an issue in GitLab EE affecting all versions from 18.0.0 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that in Code Quality reports could have allowed an authenticated user to leak IP addresses...

1 affected package

gitlab

Package 24.04 LTS
gitlab Not in release
Show less packages

CVE-2026-1403

Medium priority

Not in release

[Unknown description]

1 affected package

gitlab

Package 24.04 LTS
gitlab Not in release
Show less packages

CVE-2026-1101

Medium priority

Not in release

GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user to cause denial of service to the...

1 affected package

gitlab

Package 24.04 LTS
gitlab Not in release
Show less packages

CVE-2026-1092

Medium priority

Not in release

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.10 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an unauthenticated user to cause denial of service due to...

1 affected package

gitlab

Package 24.04 LTS
gitlab Not in release
Show less packages

CVE-2025-9484

Medium priority

Not in release

GitLab has remediated an issue in GitLab EE affecting all versions from 16.6 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that under certain circumstances could have allowed an authenticated user to have access to...

1 affected package

gitlab

Package 24.04 LTS
gitlab Not in release
Show less packages

CVE-2025-12664

Medium priority

Not in release

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.0 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an unauthenticated user to cause denial of service by...

1 affected package

gitlab

Package 24.04 LTS
gitlab Not in release
Show less packages

CVE-2026-33810

Medium priority
Needs evaluation

When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. This only affects validation of otherwise...

16 affected packages

golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...

Package 24.04 LTS
golang Not in release
golang-1.6 Not in release
golang-1.8 Not in release
golang-1.9 Not in release
golang-1.10 Not in release
golang-1.13 Not in release
golang-1.14 Not in release
golang-1.16 Not in release
golang-1.17 Not in release
golang-1.18 Not in release
golang-1.20 Not in release
golang-1.21 Needs evaluation
golang-1.22 Needs evaluation
golang-1.23 Needs evaluation
golang-1.24 Needs evaluation
golang-1.25 Not in release
Show all 16 packages Show less packages

CVE-2026-32289

Medium priority
Needs evaluation

Context was not properly tracked across template branches for JS template literals, leading to possibly incorrect escaping of content when branches were used. Additionally template actions within JS template literals did not...

16 affected packages

golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...

Package 24.04 LTS
golang Not in release
golang-1.6 Not in release
golang-1.8 Not in release
golang-1.9 Not in release
golang-1.10 Not in release
golang-1.13 Not in release
golang-1.14 Not in release
golang-1.16 Not in release
golang-1.17 Not in release
golang-1.18 Not in release
golang-1.20 Not in release
golang-1.21 Needs evaluation
golang-1.22 Needs evaluation
golang-1.23 Needs evaluation
golang-1.24 Needs evaluation
golang-1.25 Not in release
Show all 16 packages Show less packages

CVE-2026-32288

Medium priority
Needs evaluation

tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the "old GNU sparse map" format.

16 affected packages

golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...

Package 24.04 LTS
golang Not in release
golang-1.6 Not in release
golang-1.8 Not in release
golang-1.9 Not in release
golang-1.10 Not in release
golang-1.13 Not in release
golang-1.14 Not in release
golang-1.16 Not in release
golang-1.17 Not in release
golang-1.18 Not in release
golang-1.20 Not in release
golang-1.21 Needs evaluation
golang-1.22 Needs evaluation
golang-1.23 Needs evaluation
golang-1.24 Needs evaluation
golang-1.25 Not in release
Show all 16 packages Show less packages

CVE-2026-32283

Medium priority
Needs evaluation

If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only...

16 affected packages

golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...

Package 24.04 LTS
golang Not in release
golang-1.6 Not in release
golang-1.8 Not in release
golang-1.9 Not in release
golang-1.10 Not in release
golang-1.13 Not in release
golang-1.14 Not in release
golang-1.16 Not in release
golang-1.17 Not in release
golang-1.18 Not in release
golang-1.20 Not in release
golang-1.21 Needs evaluation
golang-1.22 Needs evaluation
golang-1.23 Needs evaluation
golang-1.24 Needs evaluation
golang-1.25 Not in release
Show all 16 packages Show less packages
  1. Previous page
  2. 14
  3. 15
  4. 16
  5. 17
  6. 18
  7. Next page
Export to JSON