CVE-2024-37370 - How Attackers Trick Applications with Modified Kerberos GSS krb5 Wrap Tokens
June 2024 brought an important security update for MIT Kerberos 5 (krb5), fixing a subtle but serious flaw tracked as CVE-2024-37370. In this article, we’
CVE-2024-5730 - Reflected XSS Vulnerability in Pagerank tools WordPress Plugin version 1.1.5
A serious security vulnerability with a CVE-ID of CVE-2024-5730 has been discovered in the Pagerank tools WordPress plugin, specifically in versions up to and including
CVE-2024-5642 - A Deep Dive into the CPython NPN Protocols Empty List Vulnerability
In June 2024, the security world quietly noted the release of CVE-2024-5642, an unusual but important bug in CPython affecting versions 3.9 and earlier.
CVE-2024-2973 - Complete Takeover of Juniper Session Smart Routers & Conductors via HA Peer Auth Bypass
Summary:
A newly disclosed vulnerability (CVE-2024-2973) allows attackers to bypass authentication entirely on Juniper Networks Session Smart Router (SSR) and Conductor devices running in a
CVE-2024-3330: Critical Vulnerability in Spotfire Analyst, Spotfire Server, and Spotfire for AWS Marketplace with Potential for Arbitrary Code Execution
A critical vulnerability (CVE-2024-3330) has been discovered in TIBCO's Spotfire product suite, including Spotfire Analyst, Spotfire Server, and Spotfire for AWS Marketplace. Successful