CVE-2024-27447 - How pretix Before 2024.1.1 Mishandles File Validation and Could Put Your Tickets at Risk
---
Introduction
On February 27, 2024, a vulnerability was assigned to the popular event ticketing platform, pretix, under the identifier CVE-2024-27447. This security bug focuses
CVE-2024-23839 - Exploiting Suricata’s Heap Use-After-Free in HTTP Header Matching
Suricata is widely respected as an open-source Network Intrusion Detection System (NIDS), Intrusion Prevention System (IPS), and Network Security Monitoring (NSM) solution. It plays a
CVE-2024-1885 - Remote Code Execution in LG Signage webOS — What You Need to Know
In early 2024, a critical vulnerability (CVE-2024-1885) was discovered in certain versions of LG Signage digital displays running webOS. This flaw allows attackers on the
CVE-2024-22988 - Remote Code Execution in ZKTeco ZKBio WDMS v8..5 via /files/backup/ Endpoint
In early 2024, a serious security flaw was discovered in ZKTeco ZKBio WDMS v8..5, a popular web-based device management system used to control biometric
CVE-2024-23320 - Exploiting Improper Input Validation in Apache DolphinScheduler (RCE with Server-Side JavaScript Injection)
A new vulnerability—CVE-2024-23320—has been discovered in Apache DolphinScheduler. This security hole allows an authenticated user to execute *arbitrary JavaScript code* right on the