GitHub Security Lab (@ghsecuritylab) Twitter Tweets • TwiDoom

GHSL-2024-031_GHSL-2024-032: unauthorized repository modification or secrets exfiltration in Actions workflows of fabric.js securitylab.github.com/advisories/GHS…

thumb_up_off_alt1

chat_bubble_outline0

repeat1

shareShare

GitHub Security Lab

@ghsecuritylab

a month ago

GHSL-2024-034: Privilege escalation in memos - CVE-2024-41659 securitylab.github.com/advisories/GHS…

thumb_up_off_alt2

chat_bubble_outline0

repeat1

shareShare

GitHub Security Lab

@ghsecuritylab

a month ago

GHSL-2024-035_GHSL-2024-036: CORS misconfguration and Reflected XSS in Casdoor - CVE-2024-41657, CVE-2024-41658 securitylab.github.com/advisories/GHS…

thumb_up_off_alt2

chat_bubble_outline0

repeat0

shareShare

GitHub Security Lab

@ghsecuritylab

a month ago

GHSL-2024-048: Actions expression injection in a Actions workflow of Infinispan securitylab.github.com/advisories/GHS…

thumb_up_off_alt1

chat_bubble_outline0

repeat1

shareShare

GitHub Security Lab

@ghsecuritylab

a month ago

GHSL-2024-049: Actions expression injection in an Actions workflow of EVE securitylab.github.com/advisories/GHS…

thumb_up_off_alt3

chat_bubble_outline0

repeat1

shareShare

GitHub Security Lab

@ghsecuritylab

a month ago

GHSL-2024-050: Actions expression injection in an Actions workflow of Cromwell securitylab.github.com/advisories/GHS…

thumb_up_off_alt2

chat_bubble_outline0

repeat0

shareShare

GitHub Security Lab

@ghsecuritylab

a month ago

GHSL-2024-052: Actions expression injection in an Actions workflow of AsyncAPI securitylab.github.com/advisories/GHS…

thumb_up_off_alt1

chat_bubble_outline0

repeat1

shareShare

GitHub Security Lab

@ghsecuritylab

a month ago

GHSL-2024-054: Actions expression injection in an Actions workflow of OpenIM securitylab.github.com/advisories/GHS…

thumb_up_off_alt2

chat_bubble_outline0

repeat0

shareShare

GitHub Security Lab

@ghsecuritylab

a month ago

GHSL-2024-058_GHSL-2024-059: Actions expression injection in an Actions workflow of starrocks securitylab.github.com/advisories/GHS…

thumb_up_off_alt1

chat_bubble_outline0

repeat1

shareShare

GitHub Security Lab

@ghsecuritylab

a month ago

GHSL-2024-159: Poisoned Pipeline Execution (PPE) in an Actions workflow of Element+ securitylab.github.com/advisories/GHS…

thumb_up_off_alt3

chat_bubble_outline0

repeat1

shareShare

GitHub Security Lab

@ghsecuritylab

a month ago

GHSL-2024-177: Environment Variable injection in an Actions workflow of Litestar - CVE-2024-42370 securitylab.github.com/advisories/GHS…

thumb_up_off_alt6

chat_bubble_outline2

repeat3

shareShare

GitHub Security Lab

@ghsecuritylab

a month ago

GHSL-2024-096: DNS rebinding in Homepage, leading to private information disclosure - CVE-2024-42364 securitylab.github.com/advisories/GHS…

thumb_up_off_alt7

chat_bubble_outline0

repeat3

shareShare

GitHub Security Lab

@ghsecuritylab

a month ago

GHSL-2024-160: Cache poisoning in JFrog Artifactory - CVE-2024-6915 securitylab.github.com/advisories/GHS…

thumb_up_off_alt9

chat_bubble_outline0

repeat4

shareShare

GitHub Security Lab

@ghsecuritylab

a month ago

GHSL-2024-093: Remote Code Execution (RCE) in Haven - CVE-2024-39906 securitylab.github.com/advisories/GHS…

thumb_up_off_alt7

chat_bubble_outline0

repeat4

shareShare

GHSL-2024-005_GHSL-2024-008: SSRF, XSS, RCE and Sensitive information disclosure in OpenHAB Web UI - CVE-2024-42467, CVE-2024-42468, CVE-2024-42469, CVE-2024-42470 securitylab.github.com/advisories/GHS…

thumb_up_off_alt8

chat_bubble_outline0

repeat6

shareShare