ProjectDiscovery – WindowsTechs.com

Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409)

Posted on October 9, 2024 by Zeljka Zorz

If you run a self-managed GitLab installation with configured SAML-based authentication and you haven’t upgraded it since mid-September, do it now, because security researchers have published an analysis of CVE-2024-45409 and an exploit script th… Continue reading Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409)→

Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519)

Posted on October 2, 2024 by Zeljka Zorz

Attackers are actively exploiting CVE-2024-45519, a critical Zimbra vulnerability that allows them to execute arbitrary commands on vulnerable installations. Proofpoint’s threat researchers say that the attacks started on September 28 – sev… Continue reading Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519)→