CVE-2024-38175 - How Improper Access Control in Azure Managed Cassandra Lets Attackers Elevate Privileges
> Published: June 2024
> By: Security Research Team
Microsoft Azure’s Managed Instance for Apache Cassandra is one of the most popular managed NoSQL
CVE-2024-6322 - Bypassing Access Control in Plugin Data Sources via Misapplied ReqActions in plugin.json
A critical security vulnerability, CVE-2024-6322, was recently discovered in systems that utilize plugin-based data sources. This issue allows users with legitimate access to any data
CVE-2024-43472 - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Explained
Microsoft Edge, the Chromium-based successor to Internet Explorer, is one of the most popular web browsers. However, in June 2024, an important security issue—CVE-2024-43472—
CVE-2024-7646 - Bypassing Ingress-nginx Annotation Validation to Steal All Kubernetes Cluster Secrets
CVE-2024-7646 is a critical security vulnerability discovered in the ingress-nginx Kubernetes controller. This issue allows anyone with permissions to create Ingress objects to bypass critical
CVE-2024-5914 - Command Injection in Palo Alto Networks Cortex XSOAR CommonScripts Pack – How Attackers Can Run Arbitrary Commands
In June 2024, security researchers uncovered a critical command injection vulnerability in Palo Alto Networks Cortex XSOAR CommonScripts Pack. The flaw, tracked as CVE-2024-5914, could