CVE-2024-27766 - MariaDB v11.1 Remote Code Execution via `lib_mysqludf_sys.so` — Understanding the Risks, Disputes, and Exploit Demonstration
In early 2024, a vulnerability was reported as CVE-2024-27766, affecting MariaDB version 11.1. According to the initial report, a remote attacker could potentially execute
CVE-2024-47162 - How a JetBrains YouTrack Token Leak Could Compromise Your Project
If you’re using JetBrains YouTrack (especially before version 2024.3.44799), there’s a critical vulnerability you should know about: CVE-2024-47162. This flaw could
CVE-2024-21685 - Unauthenticated Information Disclosure in Jira Core Data Center (Explained + Exploit Details)
Published: June 2024
CVSS Score: 7.4 (High Severity)
Affected: Jira Core Data Center 9.4., 9.12., 9.15.
Jira Core Data Center is
CVE-2024-21401 - Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege Vulnerability Explained
Date discovered: February 2024
Severity: Critical
Affected product: Microsoft Entra ID (Azure AD) Jira SSO Plugin
Attack type: Elevation of Privilege (EoP)
Introduction
In early
CVE-2023-44384 - How Discourse-Jira Plugin Exposed Servers to SSRF and Data Leaks
TL;DR
CVE-2023-44384 is a critical security vulnerability in the _discourse-jira_ plugin that could let attackers abuse admin or moderation features to perform SSRF (Server-Side