Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2021-22169 | An issue was identified in GitLab EE 13.4 or later which leaked internal IP address via error messages. | 4.3 | 0.83% | 2021-03-24 | 2026-06-16 |
| CVE-2021-22170 | Assuming a database breach, nonce reuse issues in GitLab 11.6+ allows an attacker to decrypt some of the database's encrypted content | 6.2 | 0.54% | 2021-12-06 | 2026-06-16 |
| CVE-2021-22171 | Insufficient validation of authentication parameters in GitLab Pages for GitLab 11.5+ allows an attacker to steal a victim's API token if they click on a maliciously crafted link | 7.3 | 1.33% | 2021-01-15 | 2026-06-16 |
| CVE-2021-22172 | Improper authorization in GitLab 12.8+ allows a guest user in a private project to view tag data that should be inaccessible on the releases page | 4.3 | 1.02% | 2021-03-26 | 2026-06-16 |
| CVE-2021-22173 | Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file | 3.7 | 2.41% | 2021-02-17 | 2026-06-16 |
| CVE-2021-22174 | Crash in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file | 3.7 | 2.75% | 2021-02-17 | 2026-06-16 |
| CVE-2021-22175 KEV | When requests to the internal network for webhooks are enabled, a server-side request forgery vulnerability in GitLab affecting all versions starting from 10.5 was possible to exploit for an unauthenticated attacker even on a GitLab instance where registration is disabled | 6.8 | 53.37% | 2021-06-11 | 2026-06-16 |
| CVE-2021-22176 | An issue has been discovered in GitLab affecting all versions starting with 3.0.1. Improper access control allows demoted project members to access details on authored merge requests | 4.3 | 1.00% | 2021-03-24 | 2026-06-16 |
| CVE-2021-22177 | Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command. | 4.3 | 1.21% | 2021-04-01 | 2026-06-16 |
| CVE-2021-22178 | An issue has been discovered in GitLab affecting all versions starting from 13.2. Gitlab was vulnerable to SRRF attack through the Prometheus integration. | 5.0 | 1.11% | 2021-03-24 | 2026-06-16 |
| CVE-2021-22179 | A vulnerability was discovered in GitLab versions before 12.2. GitLab was vulnerable to a SSRF attack through the Outbound Requests feature. | 5.4 | 0.95% | 2021-03-24 | 2026-06-16 |
| CVE-2021-22180 | An issue has been discovered in GitLab affecting all versions starting from 13.4. Improper access control allows unauthorized users to access details on analytic pages. | 4.3 | 0.86% | 2021-03-26 | 2026-06-16 |
| CVE-2021-22181 | A denial of service vulnerability in GitLab CE/EE affecting all versions since 11.8 allows an attacker to create a recursive pipeline relationship and exhaust resources. | 7.7 | 1.06% | 2021-06-11 | 2026-06-16 |
| CVE-2021-22182 | An issue has been discovered in GitLab affecting all versions starting with 13.7. GitLab was vulnerable to a stored XSS in merge request. | 3.5 | 1.00% | 2021-03-03 | 2026-06-16 |
| CVE-2021-22183 | An issue has been discovered in GitLab affecting all versions starting with 11.8. GitLab was vulnerable to a stored XSS in the epics page, which could be exploited with user interactions. | 4.1 | 0.84% | 2021-03-04 | 2026-06-16 |
| CVE-2021-22184 | An information disclosure issue in GitLab starting from version 12.8 allowed a user with access to the server logs to see sensitive information that wasn't properly redacted. | 6.2 | 0.30% | 2021-03-26 | 2026-06-16 |
| CVE-2021-22185 | Insufficient input sanitization in wikis in GitLab version 13.8 and up allows an attacker to exploit a stored cross-site scripting vulnerability via a specially-crafted commit to a wiki | 5.4 | 0.81% | 2021-03-24 | 2026-06-16 |
| CVE-2021-22186 | An authorization issue in GitLab CE/EE version 9.4 and up allowed a group maintainer to modify group CI/CD variables which should be restricted to group owners | 4.9 | 0.86% | 2021-03-24 | 2026-06-16 |
| CVE-2021-22187 | An issue has been discovered in GitLab affecting all versions of Gitlab EE/CE before 13.6.7. A potential resource exhaustion issue that allowed running or pending jobs to continue even after project was deleted. | 4.3 | 1.04% | 2021-03-02 | 2026-06-16 |
| CVE-2021-22188 | An issue has been discovered in GitLab affecting all versions starting with 13.0. Confidential issue titles in Gitlab were readable by an unauthorised user via branch logs. | 5.3 | 1.31% | 2021-03-03 | 2026-06-16 |