CVE-2024-4109 - How a Flaw in Undertow HTTP/2 Handler Can Leak Your Inflight Secrets
On May 2024, a new security issue—CVE-2024-4109—was disclosed, affecting Red Hat’s highly used web server component, Undertow. If you use WildFly, JBoss,
CVE-2024-49132 - Windows Remote Desktop Services Remote Code Execution Vulnerability Explained
In early June 2024, cybersecurity experts discovered a critical vulnerability in Microsoft’s Remote Desktop Services (RDS) identified as CVE-2024-49132. This flaw enables remote attackers
CVE-2024-49114 - Exploiting a Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
In June 2024, Microsoft disclosed CVE-2024-49114, a critical vulnerability impacting Windows systems that use the Microsoft Cloud Files Mini Filter Driver (cldflt.sys). Understanding this
CVE-2024-53247 - Low-Privilege Remote Code Execution in Splunk Enterprise and Secure Gateway App
Splunk is a popular tool used by companies to monitor, search, and analyze machine-generated data. However, in June 2024, a critical vulnerability was disclosed: CVE-2024-53247.
CVE-2024-53246 - Unpacking the Splunk SPL Information Disclosure Vulnerability
Splunk is the backbone SIEM (Security Information and Event Management) solution for many organizations, often ingesting logs from all corners of enterprise infrastructure. Vulnerabilities in
Episode
00:00:00
00:00:00