CVE CyberSecurity Database News (Page 278)

Feb 5, 2025 API Exploit Cisco Java

CVE-2025-20124 - How a Cisco ISE API Vulnerability Lets Hackers Run Code as Root

A major vulnerability has been identified in Cisco Identity Services Engine (ISE), assigned as CVE-2025-20124. This bug allows hackers, with only low-level authenticated access, to

Feb 5, 2025

CVE-2024-2878 - How a Simple Search Term Can Trigger a Denial of Service in GitLab – Deep Dive & Exploitation

In early 2024, GitLab users and administrators found themselves dealing with a critical security issue: CVE-2024-2878. This vulnerability allowed attackers to crash or disrupt GitLab

Feb 5, 2025 Exploit

CVE-2024-3976 - GitLab Confidential Issues Leak Vulnerability Explained with Exploit and Code Snippet

*GitLab* is one of the most popular web-based DevOps and version control platforms used by developers and enterprises worldwide. On June 2024, a critical vulnerability

Feb 5, 2025

CVE-2024-5528 - Subdomain Takeover Vulnerability in GitLab Pages – A Deep Dive

On June 27, 2024, GitLab issued a security advisory concerning a serious subdomain takeover vulnerability, now tracked as CVE-2024-5528. This issue affects the widely-used GitLab

Feb 5, 2025 API Exploit

CVE-2024-6356 - Security Policy Bot Cross-Project Access in GitLab EE – Analysis and Exploit Demo

CVE-2024-6356 is a newly discovered vulnerability affecting Enterprise Editions (EE) of GitLab, introducing a risk where the Security Policy Bot could interact with more projects