CVE-2024-50339 - How Attackers Can Hijack Any Session in GLPI Before Version 10..17
GLPI is open-source IT asset management software, popular among many organizations for tracking hardware, software, tickets, and much more. However, between versions 9.5.
CVE-2024-49124 - LDAP Client Remote Code Execution Vulnerability – Inside the Threat, Exploit, and Mitigation
Published: June 2024
Introduction
On June 11, 2024, CVE-2024-49124 was assigned to a serious vulnerability in multiple LDAP client libraries and implementations, where attackers can
CVE-2024-53677 - How a Dangerous File Upload Bug in Apache Struts Can Lead to Remote Code Execution
TL;DR:
Apache Struts had a severe vulnerability (CVE-2024-53677) in its file upload logic, present from version 2.. up to (but not including) 6.4.
CVE-2024-53949 - How Improper Authorization in Apache Superset Exposed Sensitive APIs (Full Exploit Details Inside)
Published: June 2024
Written by: Security Insights Team
Apache Superset is a popular open-source platform for data exploration and visualization. If your company runs dashboards
CVE-2024-53947 - New Wave of SQL Injection in Apache Superset—Fresh Functions, Fresh Danger
Summary:
A fresh SQL Injection vulnerability—CVE-2024-53947—has just hit Apache Superset, affecting all versions below 4.1.. This new issue expands on CVE-2024-39887 and