CVE-2024-26139: Gaining Administrative Privileges in OpenCTI via Profile Edit Functionality: A Detailed Exploit
OpenCTI is a powerful and popular open-source platform that allows organizations to manage their cyber threat intelligence knowledge and observables. However, security concerns sometimes arise
CVE-2024-1947: Uncovering a Denial of Service Vulnerability in GitLab CE/EE
GitLab is an open-source, web-based tool that allows developers and teams to effortlessly manage their projects, support continuous integration, and endorse collaboration among team members.
CVE-2024-35223 - Dapr gRPC Proxy App Token Leak in Remote Service Invocation
Dapr is a flexible, event-driven runtime that is designed to streamline the development and deployment of distributed applications across cloud and edge environments. In this
CVE-2024-4835: GitLab XSS Vulnerability, Impacting Versions 15.11-17..1 - Beware, Sensitive User Information at Risk!
A new Cross-Site Scripting (XSS) vulnerability, identified as CVE-2024-4835, has been recently discovered in the popular web-based DevOps lifecycle tool, GitLab. This critical vulnerability impacts
CVE-2024-2874: GitLab Runner Registration Bug Allowing for Disrupted Loading of Targeted Web Resources
A newly discovered vulnerability (CVE-2024-2874) has been reported in GitLab Community Edition (CE) and Enterprise Edition (EE), impacting all versions before 16.10.6, version
Episode
00:00:00
00:00:00