CVE-2024-8114 - Critical Privilege Escalation in GitLab via Compromised Personal Access Token (PAT)
In the ongoing mission to make software more secure, vulnerabilities are inevitable in even the most trusted platforms. On June 24, 2024, GitLab issued a
CVE-2024-11828 - How a GitLab Regression Opened Doors to API Denial-of-Service Attacks
---
Introduction
A new denial of service (DoS) vulnerability, known as CVE-2024-11828, was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE). The issue
CVE-2024-52008 - Critical Weak Password Vulnerability in Fides User Invite API
Fides is a popular open-source privacy engineering platform, widely praised for helping organizations automate and manage privacy operations. In June 2024, a serious security issue
CVE-2024-52336 - Tuned D-Bus Local Privilege Escalation via `instance_create()` Script Injection
A new vulnerability tagged as CVE-2024-52336 affects the popular system tuning tool, Tuned. This weakness allows a simple local user to run code as root—
CVE-2024-11705 - Firefox and Thunderbird Crash via NULL Pointer in NSC_DeriveKey (with Exploit Details)
In early 2024, security researchers and Mozilla developers uncovered a crash bug affecting the NSC_DeriveKey function within the NSS (Network Security Services) library, which