CVE-2024-12381 - Type Confusion in V8 Engines—How a Chrome Bug Opened the Door for Heap Attacks
In early June 2024, security researchers discovered a major vulnerability in the V8 JavaScript engine—used by Google Chrome and many Chromium-based browsers. Tracked as
CVE-2024-53677 - How a Dangerous File Upload Bug in Apache Struts Can Lead to Remote Code Execution
TL;DR:
Apache Struts had a severe vulnerability (CVE-2024-53677) in its file upload logic, present from version 2.. up to (but not including) 6.4.
CVE-2024-49530 - Unpacking Adobe Acrobat Reader Use-After-Free Vulnerability and How It Puts Users at Risk
On May 2024, a critical vulnerability tracked as CVE-2024-49530 was revealed in several versions of Adobe Acrobat Reader, one of the most widely used PDF
CVE-2024-11633 - Argument Injection Vulnerability in Ivanti Connect Secure (Pre-22.7R2.4) Allows Remote Code Execution for Remote Admins
In early 2024, security researchers discovered and reported a new critical vulnerability affecting Ivanti Connect Secure products (formerly Pulse Connect Secure), tracked as CVE-2024-11633. This
CVE-2024-53247 - Low-Privilege Remote Code Execution in Splunk Enterprise and Secure Gateway App
Splunk is a popular tool used by companies to monitor, search, and analyze machine-generated data. However, in June 2024, a critical vulnerability was disclosed: CVE-2024-53247.
Episode
00:00:00
00:00:00