CVE-2024-49071 - How Windows Defender’s Global Files Search Leaks Sensitive Info With Improper Authorization
June 2024 has seen another serious security issue: CVE-2024-49071, a privilege escalation vulnerability in Windows Defender. This bug exposes sensitive index information to attackers with
CVE-2024-9387 - Exploiting Open Redirect in GitLab Releases API (11.8–17.6.2)
An open redirect vulnerability is often considered low-to-medium risk—but, in the wrong hands, it can be used for phishing, stealing credentials, or leading users
CVE-2024-8233 - How a GitLab Diff Bug Could Crash Your Service — Analysis, Exploit Details, and Fixes
On June 26th, 2024, cybersecurity researchers disclosed a new vulnerability in GitLab, tracked as CVE-2024-8233. This bug affects GitLab Community Edition (CE) and Enterprise Edition
CVE-2024-12570 - How GitLab CI_JOB_TOKEN Could Leak Your Session Token (Explained with Example)
A serious vulnerability—CVE-2024-12570—has been discovered lurking in GitLab Community Edition (CE) and Enterprise Edition (EE). This security flaw could allow someone who gets
CVE-2024-11274 - GitLab NEL Header Injection in K8s Proxy – Exploit Details and Understanding the Risk
A serious security vulnerability—CVE-2024-11274—has come to light in the popular source code management platform GitLab Community Edition (CE) and Enterprise Edition (EE). This flaw