CVE-2024-55638 - How Drupal Core’s Deserialization Flaw Exposes Your Website to Object Injection
Drupal is a powerhouse in the content management system (CMS) world, used by everyone from small businesses to giant media outlets. However, it’s not
CVE-2024-12174 - Exploiting Tenable Security Center’s Certificate Validation Flaw for Email Interception
---
The cybersecurity landscape is constantly evolving, but sometimes the biggest flaws come from simple oversights. One such fresh discovery is CVE-2024-12174, an "Improper
CVE-2024-54151 - Critical Directus WebSockets Vulnerability—How Unauthenticated Users Can Become Admins
Directus is a popular open-source platform that turns any SQL database into a powerful real-time API and user-friendly admin dashboard. With Directus, teams can manage
CVE-2024-54147 - How Altair GraphQL Client Let Attackers Read All Your Data on Public WiFi
Altair GraphQL Client for Desktop didn’t verify HTTPS certificates before version 8..5. This means that if you used it on public WiFi or
CVE-2024-54920 - SQL Injection in kashipara E-learning Management System v1. (teacher_signup.php) – Exploit Details & Walkthrough
A recently discovered vulnerability, CVE-2024-54920, has made headlines in the security community. This SQL Injection flaw was found in the /teacher_signup.php file of
Episode
00:00:00
00:00:00