Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2021-22189 | Starting with version 13.7 the Gitlab CE/EE editions were affected by a security issue related to the validation of the certificates for the Fortinet OTP that could result in authentication issues. | 5.9 | 0.66% | 2021-03-04 | 2026-06-16 |
| CVE-2021-22190 | A path traversal vulnerability via the GitLab Workhorse in all versions of GitLab could result in the leakage of a JWT token | 8.5 | 1.32% | 2021-04-12 | 2026-06-16 |
| CVE-2021-22191 | Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file. | 6.3 | 3.64% | 2021-03-15 | 2026-06-16 |
| CVE-2021-22192 | An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2 allowing unauthorized authenticated users to execute arbitrary code on the server. | 9.9 | 13.11% | 2021-03-24 | 2026-06-16 |
| CVE-2021-22193 | An issue has been discovered in GitLab affecting all versions starting with 7.1. A member of a private group was able to validate the use of a specific name for private project. | 3.5 | 0.99% | 2021-03-24 | 2026-06-16 |
| CVE-2021-22194 | In all versions of GitLab, marshalled session keys were being stored in Redis. | 5.7 | 0.19% | 2021-03-26 | 2026-06-16 |
| CVE-2021-22195 | Client side code execution in gitlab-vscode-extension v3.15.0 and earlier allows attacker to execute code on user system | 8.6 | 1.14% | 2021-04-01 | 2026-06-16 |
| CVE-2021-22196 | An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4. It was possible to exploit a stored cross-site-scripting in merge request via a specifically crafted branch name. | 6.3 | 0.94% | 2021-04-02 | 2026-06-16 |
| CVE-2021-22197 | An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.6 where an infinite loop exist when an authenticated user with specific rights access a MR having source and target branch pointing to each other | 3.5 | 0.84% | 2021-04-02 | 2026-06-16 |
| CVE-2021-22198 | An issue has been discovered in GitLab CE/EE affecting all versions from 13.8 and above allowing an authenticated user to delete incident metric images of public projects. | 4.3 | 1.08% | 2021-04-02 | 2026-06-16 |
| CVE-2021-22199 | An issue has been discovered in GitLab affecting all versions starting with 12.9. GitLab was vulnerable to a stored XSS if scoped labels were used. | 3.5 | 0.79% | 2021-04-22 | 2026-06-16 |
| CVE-2021-22200 | An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.6. Under a special condition it was possible to access data of an internal repository through a public project fork as an anonymous user. | 5.9 | 1.00% | 2021-04-02 | 2026-06-16 |
| CVE-2021-22201 | An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.9. A specially crafted import file could read files on the server. | 9.6 | 3.07% | 2021-04-02 | 2026-06-16 |
| CVE-2021-22202 | An issue has been discovered in GitLab CE/EE affecting all previous versions. If the victim is an admin, it was possible to issue a CSRF in System hooks through the API. | 2.4 | 0.48% | 2021-04-02 | 2026-06-16 |
| CVE-2021-22203 | An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7.9 before 13.8.7, all versions starting from 13.9 before 13.9.5, and all versions starting from 13.10 before 13.10.1. A specially crafted Wiki page allowed attackers to read arbitrary files on the server. | 7.5 | 1.39% | 2021-04-02 | 2026-06-16 |
| CVE-2021-22204 KEV | Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image | 6.8 | 99.98% | 2021-04-23 | 2026-06-16 |
| CVE-2021-22205 KEV | An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution. | 10.0 | 99.73% | 2021-04-23 | 2026-06-16 |
| CVE-2021-22206 | An issue has been discovered in GitLab affecting all versions starting from 11.6. Pull mirror credentials are exposed that allows other maintainers to be able to view the credentials in plain-text, | 6.8 | 1.03% | 2021-05-06 | 2026-06-16 |
| CVE-2021-22207 | Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or crafted capture file | 5.5 | 2.02% | 2021-04-23 | 2026-06-16 |
| CVE-2021-22208 | An issue has been discovered in GitLab affecting versions starting with 13.5 up to 13.9.7. Improper permission check could allow the change of timestamp for issue creation or update. | 4.3 | 0.76% | 2021-05-06 | 2026-06-16 |