CVE-2024-5528 - Subdomain Takeover Vulnerability in GitLab Pages – A Deep Dive
On June 27, 2024, GitLab issued a security advisory concerning a serious subdomain takeover vulnerability, now tracked as CVE-2024-5528. This issue affects the widely-used GitLab
CVE-2024-6356 - Security Policy Bot Cross-Project Access in GitLab EE – Analysis and Exploit Demo
CVE-2024-6356 is a newly discovered vulnerability affecting Enterprise Editions (EE) of GitLab, introducing a risk where the Security Policy Bot could interact with more projects
CVE-2025-0167 - How a Rare `.netrc` Configuration Can Leak Your Credentials in Curl Redirects
When you use cURL, it's natural to expect your credentials to stay private—especially if you took the trouble to set up a
CVE-2025-0725 - Exploiting Buffer Overflow in libcurl’s Gzip Decompression with zlib ≤ 1.2..3
On March 6, 2025, a new critical vulnerability named CVE-2025-0725 was discovered affecting libcurl when it’s used with zlib 1.2..3 or older.