CVE-2024-50379 - Critical Apache Tomcat TOCTOU RCE via JSP Compilation on Case-Insensitive Filesystems
A major security threat (CVE-2024-50379) has been discovered in Apache Tomcat, one of the world's most widely used Java web server platforms. This
CVE-2024-50339 - How Attackers Can Hijack Any Session in GLPI Before Version 10..17
GLPI is an open-source IT asset management software popular among many organizations for tracking hardware, software, tickets, and much more. However, between versions 9.5.
CVE-2024-49124 - LDAP Client Remote Code Execution Vulnerability – Inside the Threat, Exploit, and Mitigation
Published: June 2024
Introduction
On June 11, 2024, CVE-2024-49124 was assigned to a serious vulnerability in multiple LDAP client libraries and implementations, where attackers can
CVE-2024-53677 - How a Dangerous File Upload Bug in Apache Struts Can Lead to Remote Code Execution
TL;DR:
Apache Struts had a severe vulnerability (CVE-2024-53677) in its file upload logic, present from version 2.. up to (but not including) 6.4.
CVE-2024-53949 - How Improper Authorization in Apache Superset Exposed Sensitive APIs (Full Exploit Details Inside)
Published: June 2024
Written by: Security Insights Team
Apache Superset is a popular open-source platform for data exploration and visualization. If your company runs dashboards
Episode
00:00:00
00:00:00