CVE-2024-8402 - Exploiting Google Cloud IAM Integration in GitLab EE – Exploit Analysis, Code Sample, and Mitigation
CVE-2024-8402 is a security vulnerability found in GitLab Enterprise Edition (EE) impacting the Google Cloud IAM integration feature. This flaw affects:
All versions from 17.
CVE-2025-27915 - Stored XSS in Zimbra 9/10 Allows Email Hijack via Malicious ICS Files
A newly disclosed vulnerability, CVE-2025-27915, affects Zimbra Collaboration Suite (ZCS) versions 9., 10., and 10.1. Zimbra is a widely-used open-source email and collaboration platform
CVE-2025-24070 - Weak Authentication in ASP.NET Core & Visual Studio—How Attackers Can Elevate Privileges Over Your Network
---
A recently disclosed vulnerability, CVE-2025-24070, has made headlines for its impact on Microsoft’s ASP.NET Core and Visual Studio. This flaw leaves applications
CVE-2025-25977 - Remote Code Execution in canvg v4..2 via StyleElement Constructor
A new critical security flaw, CVE-2025-25977, has been discovered in canvg, a popular JavaScript library for rendering SVGs on Canvas. This vulnerability affects version v4.
CVE-2025-27506 - Reflected XSS in NocoDB Password Reset Endpoint – How It Happened and Exploit Details
NocoDB is a powerful open-source tool that lets you build databases visually, much like working with a spreadsheet. It’s popular for managing information with
Episode
00:00:00
00:00:00