CVE-2024-57971 - How a Small Validation Fault in DataSourceResource.java Breaks Database Security in Knowage Server
CVE-2024-57971 is a scary-sounding number if you run a Knowage Business Intelligence (BI) server. This serious vulnerability in versions _before 8.1.30_ means an
CVE-2024-57970 - Heap Buffer Over-read in libarchive’s TAR Reader Can Leak Data
CVE-2024-57970 is a newly discovered vulnerability in libarchive (through version 3.7.7) that can make applications reading certain TAR files leak sensitive memory (heap)
CVE-2025-1005 - How ElementsKit Elementor Addons Plugin for WordPress Can Be Exploited with Stored XSS in the Image Accordion Widget
A new security vulnerability, tracked as CVE-2025-1005, has been discovered in the popular WordPress plugin ElementsKit Elementor Addons. This vulnerability affects all plugin versions up
CVE-2024-12562 - Unpacking the s2Member Pro WordPress PHP Object Injection Vulnerability
In early 2024, a significant vulnerability was disclosed for s2Member Pro—a popular plugin for managing memberships on WordPress sites. Identified as CVE-2024-12562, this flaw
CVE-2025-1302 - Remote Code Execution in jsonpath-plus Before 10.3.
CVE-2025-1302 is a newly disclosed vulnerability affecting the popular JavaScript library jsonpath-plus. It allows attackers to execute arbitrary code on any system running a vulnerable
Episode
00:00:00
00:00:00