CVE-2024-8365 - How HashiCorp Vault Leaked Your Tokens in Plaintext Audit Logs
On June 12, 2024, a critical vulnerability was disclosed that put sensitive secrets at risk for many organizations using HashiCorp Vault. Known as CVE-2024-8365, this
CVE-2023-26315 - Post-Auth Command Injection in Xiaomi Router AX900 Breakdown
If you own a Xiaomi Router AX900, you should be aware of a serious security issue discovered earlier this year—CVE-2023-26315. This vulnerability lets an
CVE-2024-42340 - Breaking Down CyberArk’s Dangerous Client-Side Security Flaw (CWE-602)
In June 2024, a critical security vulnerability was disclosed in the CyberArk Privileged Access Security (PAS) Solution, tracked as CVE-2024-42340. This vulnerability is rooted in
CVE-2024-39717 - How Versa Director’s Favicon Feature Lets Attackers Upload Malicious Files
A new vulnerability has been found in Versa Director, tagged as CVE-2024-39717. The flaw lies in the GUI’s “Change Favicon” feature, which is supposed
CVE-2024-21690 - High Severity Reflected XSS and CSRF Vulnerability in Atlassian Confluence Data Center and Server
A serious security issue — CVE-2024-21690 — exists in several versions of Atlassian Confluence Data Center and Server. This vulnerability combines Reflected Cross-Site Scripting (XSS) and Cross-Site