CVE-2023-40771 - SQL Injection in DataEase v1.18.9 – How Attackers Steal Your Database
If you use DataEase, pay close attention. The SQL injection vulnerability tagged as CVE-2023-40771 affects DataEase version 1.18.9. In this post, I’ll
CVE-2023-36100 - Privilege Escalation and Sensitive Information Disclosure in IceCMS 2..1
In mid-2023, a serious vulnerability — CVE-2023-36100 — was discovered in the popular open-source content management system IceCMS (version 2..1). Attackers can use this flaw to
CVE-2023-4647 - Exploiting GitLab Projects API Pagination Bypass and Potential DoS
If you're running a self-hosted GitLab instance, especially anything from 15.2 up until the patch releases in mid-2023, there's an
CVE-2023-1555 - How a Banned User Could Access the GitLab API (and What It Means)
In March 2023, a vulnerability dubbed CVE-2023-1555 was discovered in the world’s favorite DevOps platform, GitLab. If you’re an administrator, developer, or even
CVE-2022-4343 - How GitLab EE Credential Leaks Put Your DevOps at Risk
GitLab Enterprise Edition (EE) is a powerhouse when it comes to DevOps pipelines, collaboration, and CI/CD. But sometimes, even the best software can have