CVE-2024-53677 - How a Dangerous File Upload Bug in Apache Struts Can Lead to Remote Code Execution
TL;DR:
Apache Struts had a severe vulnerability (CVE-2024-53677) in its file upload logic, present from version 2.. up to (but not including) 6.4.
CVE-2024-49530 - Unpacking Adobe Acrobat Reader Use-After-Free Vulnerability and How It Puts Users at Risk
In May 2024, a critical vulnerability tracked as CVE-2024-49530 was revealed in several versions of Adobe Acrobat Reader, one of the most widely used PDF
CVE-2024-11633 - Argument Injection Vulnerability in Ivanti Connect Secure (Pre-22.7R2.4) Allows Remote Code Execution for Remote Admins
In early 2024, security researchers discovered and reported a new critical vulnerability affecting Ivanti Connect Secure products (formerly Pulse Connect Secure), tracked as CVE-2024-11633. This
CVE-2024-53247 - Low-Privilege Remote Code Execution in Splunk Enterprise and Secure Gateway App
Splunk is a popular tool used by companies to monitor, search, and analyze machine-generated data. However, in June 2024, a critical vulnerability was disclosed: CVE-2024-53247.
CVE-2024-55638 - How Drupal Core’s Deserialization Flaw Exposes Your Website to Object Injection
Drupal is a powerhouse in the content management system (CMS) world, used by everyone from small businesses to giant media outlets. However, it’s not