CVE-2024-54151 - Critical Directus WebSockets Vulnerability—How Unauthenticated Users Can Become Admins
Directus is a popular open-source platform that turns any SQL database into a powerful real-time API and user-friendly admin dashboard. With Directus, teams can manage
CVE-2024-54147 - How Altair GraphQL Client Let Attackers Read All Your Data on Public WiFi
Altair GraphQL Client for Desktop didn’t verify HTTPS certificates before version 8..5. This means that if you used it on public WiFi or
CVE-2024-53949 - How Improper Authorization in Apache Superset Exposed Sensitive APIs (Full Exploit Details Inside)
Published: June 2024
Written by: Security Insights Team
Apache Superset is a popular open-source platform for data exploration and visualization. If your company runs dashboards
CVE-2023-41953 - Exploiting the Missing Authorization Vulnerability in ProfilePress (v. up to 4.13.1)
---
WordPress powers a huge part of the internet, and plugins are a big reason why. But with popularity comes a target on your back.
CVE-2023-50373 - How Missing Authorization in WPSAAD Alt Manager Lets Attackers Bypass Security (With Exploit Example)
A recent vulnerability, CVE-2023-50373, has been found in WPSAAD Alt Manager—an account management plugin used mostly with Minecraft servers. This flaw is due to
Episode
00:00:00
00:00:00