CVE-2024-38475 - Exploiting Unsafe Output Escaping in Apache mod_rewrite for Code Execution and Source Disclosure
---
Introduction
Apache HTTP Server is one of the most popular web servers worldwide, essential for hosting millions of websites. But like all complex software,
CVE-2024-36387 - WebSocket Upgrades Over HTTP/2 Cause Null Pointer Dereference and Server Crashes
In June 2024, a critical vulnerability—CVE-2024-36387—was disclosed in popular web server software. This flaw allows attackers to crash server processes by attempting WebSocket
CVE-2024-36991 - Path Traversal Vulnerability in Splunk Enterprise on Windows
Splunk is one of the most popular platforms for searching, monitoring, and analyzing machine-generated big data. If you’re running Splunk Enterprise on Windows, there’
CVE-2024-20399 - How Locals Can Become Root on Cisco NX-OS Devices
In June 2024, a critical security flaw—CVE-2024-20399—was reported in the CLI (Command Line Interface) of Cisco NX-OS Software. This bug isn’t just
CVE-2024-37370 - How Attackers Trick Applications with Modified Kerberos GSS krb5 Wrap Tokens
June 2024 brought an important security update for MIT Kerberos 5 (krb5), fixing a subtle but serious flaw tracked as CVE-2024-37370. In this article, we’