CVE-2024-49530 - Unpacking Adobe Acrobat Reader Use-After-Free Vulnerability and How It Puts Users at Risk
On May 2024, a critical vulnerability tracked as CVE-2024-49530 was revealed in several versions of Adobe Acrobat Reader, one of the most widely used PDF
CVE-2024-11633 - Argument Injection Vulnerability in Ivanti Connect Secure (Pre-22.7R2.4) Allows Remote Code Execution for Remote Admins
In early 2024, security researchers discovered and reported a new critical vulnerability affecting Ivanti Connect Secure products (formerly Pulse Connect Secure), tracked as CVE-2024-11633. This
CVE-2024-53246 - Unpacking the Splunk SPL Information Disclosure Vulnerability
Splunk is the backbone SIEM (Security Information and Event Management) solution for many organizations, often ingesting logs from all corners of enterprise infrastructure. Vulnerabilities in
CVE-2024-53866 - How pnpm's Global Cache Vulnerability Can Lead to Arbitrary Code Execution Across Workspaces
The Node.js ecosystem heavily relies on package managers like pnpm for fast, reliable, and space-saving installs. But in June 2024, a nasty vulnerability surfaced,
CVE-2024-49849 - Siemens TIA Portal Products Log File Parsing RCE Explained
A new critical vulnerability, CVE-2024-49849, has been discovered affecting a large range of Siemens’ industrial automation products, including their TIA Portal suite. This post breaks
Episode
00:00:00
00:00:00