CVE-2024-12093 – GitLab SAML XPath Validation Bypass

May 22, 2025

CVE ID : CVE-2024-12093

Published : May 22, 2025, 3:16 p.m. | 1 hour, 31 minutes ago

Description : An issue has been discovered in GitLab CE/EE affecting all versions from 11.1 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. Improper XPath validation allows modified SAML response to bypass 2FA requirement under specialized conditions.

Severity: 6.8 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-0605 – GitLab Two-Factor Authentication Bypass

Next Article CVE-2024-54188 – Infoblox NETMRI File Disclosure

Highlights

CVE-2025-47751 – V-SFT Out-of-Bounds Write Vulnerability

May 19, 2025

CVE ID : CVE-2025-47751

Published : May 19, 2025, 8:15 a.m. | 3 hours, 1 minute ago

Description : V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds write in VS6EditData!CDataRomErrorCheck::MacroCommandCheck function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.

Severity: 7.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Last week in AI dev tools: Cloudflare blocking AI crawlers by default, Perplexity Max subscription, and more (July 7, 2025)

Infragistics Launches Ultimate 25.1 With Major Updates to App Builder, Ignite UI

Design Guidelines For Better Notifications UX

10 Top React.js Development Service Providers For Your Next Project In 2026

Following Microsoft’s mass layoffs, Xbox Game Pass’ business viability is again being questioned — is Xbox’s biggest differentiator an albatross?

A million customer conversations with AI agents yielded this surprising lesson

Bookworms: Don’t skip this Kindle Paperwhite Essentials bundle that’s on sale

My favorite “non-gaming” gaming accessory is down to its lowest price for Prime Day | XREAL’s AR glasses give you a virtual cinema screen for Xbox Cloud Gaming, Netflix, PC gaming handhelds, and more

Keyboard Testing in Accessibility Testing

Keyboard Testing in Accessibility Testing

Implementation of Custom Tables in Optimizely Configured Commerce

Token Limit – Monitor token usage in AI context files

Following Microsoft’s mass layoffs, Xbox Game Pass’ business viability is again being questioned — is Xbox’s biggest differentiator an albatross?

Following Microsoft’s mass layoffs, Xbox Game Pass’ business viability is again being questioned — is Xbox’s biggest differentiator an albatross?

dano – hashdeep/md5tree for media files

My favorite “non-gaming” gaming accessory is down to its lowest price for Prime Day | XREAL’s AR glasses give you a virtual cinema screen for Xbox Cloud Gaming, Netflix, PC gaming handhelds, and more

CVE-2024-12093 – GitLab SAML XPath Validation Bypass

CVE-2025-20694 – Intel Bluetooth Denial of Service Vulnerability

CVE-2025-20693 – Intel Wireless LAN STA Driver Out-of-Bounds Read Information Disclosure Vulnerability

CVE-2025-5561 – PHPGurukul Curfew e-Pass Management System SQL Injection Vulnerability

VideoDubber’s YouTube Comment Finder

Millions of new materials discovered with deep learning

A generalist AI agent for 3D virtual environments

CVE-2025-47751 – V-SFT Out-of-Bounds Write Vulnerability

ZealousWeb LLC

Poking at the CSS if() Function a Little More: Conditional Color Theming

CVE-2025-3864 – Hackney HTTP Connection Pool Exhaustion Vulnerability

CVE-2024-12093 – GitLab SAML XPath Validation Bypass

Related Posts