VulnScope — package-centric CVE lookup- —CVE-2025-55645
- —CVE-2025-55643
- —CVE-2025-55642
- —
- —
- —
- —
- MEDIUM5.4Incorrect Authorization in GitLab
- LOW3.1Incorrect Authorization in GitLab
- MEDIUM6.5Allocation of Resources Without Limits or Throttling in GitLab
- MEDIUM4.3Improper Restriction of Rendered UI Layers or Frames in GitLab
- HIGH8.7Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
- —Sensitive data could be written to mongod.log
- —File Browser has a Command Execution Allowlist Bypass via Shell Metacharacter Injection
- HIGH7.5File Browser has incorrect access control for public directory shares via rule path rebasing
- —File Browser: FilePath traversal in download-as-zip/tar via Windows-style backslash separators in stored filenames
- MEDIUM6.8File Browser: Symlink following lets scoped users read, overwrite, and share files outside their filebrowser scope
- MEDIUM6.5File Browser has a DoS Vulnerability via Public Login API
- MEDIUM6.9Netty susceptible to HTTP/2 Reset Attack with different on-the-wire signature
- HIGH7.5Netty HTTP/3 QPACK Blocked Streams Memory Exhaustion
- HIGH7.5Netty: Wrapping plain trust manager silently disables hostname verification
- HIGH7.5Netty: Unbounded pre-allocation in RedisArrayAggregator from RESP array length
- MEDIUM4.8Netty: QUIC stateless reset token material exposed through header-visible connection IDs
- MEDIUM5.3Netty: HttpObjectDecoder skips arbitrary initial control characters when only initial CRLF characters are permitted
- MEDIUM6.7A flaw was found in QEMU's virtio-blk device.
← PrevPage 6 of 3049Next →