CVE 清單 – 發現高風險與在野利用漏洞

聚合 NVD、CVE 及多源情資,深度解析 RCE 等高危風險。系統整合 CVSS 與 EPSS 模型,動態追蹤 Exploit 資源與 PoC 公開狀態,研判可利用性。結合官方修補與修復方案,優化漏洞管理優先級,縮短回應週期,保障資產安全。

指派機構(CNA / 來源):[email protected] 移除此篩選

顯示 21401528 筆結果
CVE 描述 最高 CVSS EPSS % 公開時間 更新時間
CVE-2020-13294 In GitLab before 13.0.12, 13.1.6 and 13.2.3, access grants were not revoked when a user revoked access to an application. 4.2 1.22% 2020-08-10 2026-06-16
CVE-2020-13295 For GitLab Runner before 13.0.12, 13.1.6, 13.2.3, by replacing dockerd with a malicious server, the Shared Runner is susceptible to SSRF. 5.4 1.16% 2020-08-10 2026-06-16
CVE-2020-13278 Reflected Cross-Site Scripting vulnerability in Modules.php in RosarioSIS Student Information System < 6.5.1 allows remote attackers to execute arbitrary web script via embedding javascript or HTML tags in a GET request. 6.1 1.43% 2020-08-12 2026-06-16
CVE-2020-13288 In GitLab before 13.0.12, 13.1.6, and 13.2.3, a stored XSS vulnerability exists in the CI/CD Jobs page 5.5 4.04% 2020-08-12 2026-06-16
CVE-2020-13290 In GitLab before 13.0.12, 13.1.6, and 13.2.3, improper access control was used on the Applications page 7.5 1.11% 2020-08-12 2026-06-16
CVE-2020-13291 In GitLab before 13.2.3, project sharing could temporarily allow too permissive access. 8.1 0.96% 2020-08-12 2026-06-16
CVE-2020-13280 For GitLab before 13.0.12, 13.1.6, 13.2.3 a memory exhaustion flaw exists due to excessive logging of an invite email error message. 6.5 1.05% 2020-08-13 2026-06-16
CVE-2020-13282 For GitLab before 13.0.12, 13.1.6, 13.2.3 after a group transfer occurs, members from a parent group keep their access level on the subgroup leading to improper access. 3.1 0.68% 2020-08-13 2026-06-16
CVE-2020-13283 For GitLab before 13.0.12, 13.1.6, 13.2.3 a cross-site scripting vulnerability exists in the issues list via milestone title. 7.3 0.85% 2020-08-13 2026-06-16
CVE-2020-13285 For GitLab before 13.0.12, 13.1.6, 13.2.3 a cross-site scripting (XSS) vulnerability exists in the issue reference number tooltip. 7.3 1.01% 2020-08-13 2026-06-16
CVE-2020-13281 For GitLab before 13.0.12, 13.1.6, 13.2.3 a denial of service exists in the project import feature 6.5 1.33% 2020-08-13 2026-06-16
CVE-2020-13286 For GitLab before 13.0.12, 13.1.6, 13.2.3 user controlled git configuration settings can be modified to result in Server Side Request Forgery. 6.4 0.74% 2020-08-13 2026-06-16
CVE-2020-13284 A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. API Authorization Using Outdated CI Job Token 6.5 1.09% 2020-09-14 2026-06-16
CVE-2020-13287 A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Project reporters and above could see confidential EPIC attached to confidential issues 4.3 1.21% 2020-09-14 2026-06-16
CVE-2020-13289 A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. In certain cases an invalid username could be accepted when 2FA is activated. 5.4 0.69% 2020-09-14 2026-06-16
CVE-2020-13299 A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. The revocation feature was not revoking all session tokens and one could re-use it to obtain a valid session. 8.1 1.23% 2020-09-14 2026-06-16
CVE-2020-13300 GitLab CE/EE version 13.3 prior to 13.3.4 was vulnerable to an OAuth authorization scope change without user consent in the middle of the authorization flow. 8.0 1.29% 2020-09-14 2026-06-16
CVE-2020-13316 A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was not validating a Deploy-Token and allowed a disabled repository be accessible via a git command line. 5.4 1.42% 2020-09-14 2026-06-16
CVE-2020-13318 A vulnerability was discovered in GitLab versions before 13.0.12, 13.1.10, 13.2.8 and 13.3.4. GitLabs EKS integration was vulnerable to a cross-account assume role attack. 6.4 0.98% 2020-09-14 2026-06-16
CVE-2020-13311 A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Wiki was vulnerable to a parser attack that prohibits anyone from accessing the Wiki functionality through the user interface. 4.3 1.50% 2020-09-14 2026-06-16
cvelogic Threat Intelligence