CVE-2024-6356 - Security Policy Bot Cross-Project Access in GitLab EE – Analysis and Exploit Demo
CVE-2024-6356 is a newly discovered vulnerability affecting Enterprise Editions (EE) of GitLab, introducing a risk where the Security Policy Bot could interact with more projects
CVE-2025-0725 - Exploiting Buffer Overflow in libcurl’s Gzip Decompression with zlib ≤ 1.2..3
On March 6, 2025, a new critical vulnerability named CVE-2025-0725 was discovered affecting libcurl when it’s used with zlib 1.2..3 or older.
CVE-2024-1539 - How a GitLab API Info Leak Let Banned Group Members See Issue Updates
---
Intro: What is CVE-2024-1539?
CVE-2024-1539 is a newly discovered vulnerability in GitLab's Enterprise Edition (EE) that impacts a wide range of versions:
CVE-2025-1028 - Remote Code Execution via Arbitrary File Upload in Contact Manager for WordPress (up to 8.6.4)
On June 13, 2024, a serious vulnerability—CVE-2025-1028—was disclosed in the popular “Contact Manager” WordPress plugin, affecting all versions up to, and including, 8.
CVE-2025-0413 - Parallels Desktop Local Privilege Escalation via Technical Data Reporter (ZDI-CAN-25014) – Exploit Explained
Parallels Desktop is one of the most popular tools for running virtual machines on macOS. However, in its widespread use, it’s not immune to