CVE-2024-49035 - Exploiting Improper Access Control in Partner.Microsoft.com – A Deep Dive
In early 2024, security researchers reported a serious vulnerability affecting Partner.Microsoft.com, the official platform for Microsoft partners to manage business, customers, and their
CVE-2024-10240 - How Unauthenticated Users Could Peek Into Private GitLab Merge Requests
GitLab has always been one of the major players in managing code, collaborating on projects, and hosting private repositories. But even the best platforms sometimes
CVE-2024-8114 - Critical Privilege Escalation in GitLab via Compromised Personal Access Token (PAT)
In the ongoing mission to make software more secure, vulnerabilities are inevitable in even the most trusted platforms. On June 24, 2024, GitLab issued a
CVE-2024-52008 - Critical Weak Password Vulnerability in Fides User Invite API
Fides is a popular open-source privacy engineering platform, widely praised for helping organizations automate and manage privacy operations. In June 2024, a serious security issue
CVE-2024-11828 - How a GitLab Regression Opened Doors to API Denial-of-Service Attacks
---
Introduction
A new denial of service (DoS) vulnerability, known as CVE-2024-11828, was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE). The issue