PT-2025-13172 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab EE versions 14.9 through 17.8.6 GitLab EE versions 17.9 through 17.8.3 GitLab EE versions 17.10 through 17.10.1 Description: An issue was discovered in GitLab EE, where an input validation issue in the Harbor registry integration could...

GitGot - Semi-automated, Feedback-Driven Tool To Rapidly Search Through Troves Of Public Data On GitHub For Sensitive Secrets

GitGot is a semi-automated, feedback-driven tool to empower users to rapidly search through troves of public data on GitHub for sensitive secrets. How it Works During search sessions, users will provide feedback to GitGot about search results to ignore, and GitGot prunes the set of results. Users...

ActionTec C1000A Modem/Router XSS and arbitrary CSRF Vulnerabilities

This moden and router, like most, is a sea filled with CSRF and XSS exploits. If the user is logged in to the modem say, an administrator, a specific link can be crafted to execute arbitrary web UI commands. The addition of the XSS is really just a bonus allowing for more complex vectors. The...