CVE-2024-8650 - GitLab Merge Request Vulnerability: Unresolved Threads of Internal Notes in Public Projects Exposed to Non-Member Users
A software vulnerability (CVE-2024-8650) was recently discovered in GitLab, a popular web-based DevOps platform that enables software development teams to collaborate on projects. This vulnerability
CVE-2024-8116 - Exploiting GitLab GraphQL to Leak Branch Names Without Authorization
A new security issue, CVE-2024-8116, was discovered in multiple versions of GitLab Community Edition (CE) and Enterprise Edition (EE). This vulnerability lets unauthorized users use
CVE-2024-7701 - Exploiting Weak Password Hashing in Percona Toolkit for Easy Brute-Forcing
On June 18, 2024, a new vulnerability—CVE-2024-7701—was published, targeting the popular Percona Toolkit. This toolkit contains various command-line tools for managing MySQL and
CVE-2024-55956 - Cleo Harmony, VLTrader, and LexiCom Autorun Directory Vulnerability Explained (With Exploit Code)
In mid-2024, security researchers uncovered a critical vulnerability—CVE-2024-55956—affecting popular Cleo integration products: Harmony, VLTrader, and LexiCom (all versions before 5.8..24). The
CVE-2024-54262 - How a File Upload Vulnerability in Import Export For WooCommerce (Pre-1.5) Leads to Web Shell Exploitation
In June 2024, a serious security flaw, now identified as CVE-2024-54262, was found in the "Import Export For WooCommerce" plugin by Siddharth Nagar.