CVE-2024-38222 - Exposing Sensitive Data via Microsoft Edge (Chromium) Information Disclosure Vulnerability
In June 2024, Microsoft published a security advisory for CVE-2024-38222, a newly discovered information disclosure vulnerability affecting Microsoft Edge, the Chromium-based edition.
CVE-2024-6535 - Skupper OAuth-Proxy Flaw—How a Static Cookie-Secret Exposes Your Console
Published: June 2024
Severity: High
Component: Skupper
CWE: CWE-311 (Missing Encryption of Sensitive Data)
A newly disclosed vulnerability, CVE-2024-6535, affects Skupper installations
CVE-2024-2177 - Breaking Down Cross Window Forgery in GitLab OAuth Flow
In June 2024, a new and critical security flaw—CVE-2024-2177—was disclosed in GitLab Community and Enterprise Edition. This vulnerability affects all versions
CVE-2024-37051 - GitHub Access Token Exposure in JetBrains IDEs – What Happened, How to Exploit, and How to Fix
1. Introduction
JetBrains IDEs like IntelliJ IDEA, PyCharm, and WebStorm are used by millions of developers worldwide. These IDEs
CVE-2024-4540: Information Disclosure Vulnerability in Keycloak OAuth 2. Pushed Authorization Requests (PAR)
In this extensive post, we will discuss a vulnerability that was recently discovered in Keycloak, a popular open-source Identity and Access Management solution. The