CVE-2024-50330 - SQL Injection in Ivanti Endpoint Manager Leads to Remote Code Execution
In June 2024, a critical vulnerability was disclosed in Ivanti Endpoint Manager (EPM)—previously known as LANDESK Management Suite. Tracked as CVE-2024-50330, this flaw exposes
CVE-2024-10947 - Critical SQL Injection in Guangzhou Tuchuang Interlib Library Cluster Automation Management System (≤2..1)
A critical vulnerability, known as CVE-2024-10947, was discovered in the Guangzhou Tuchuang Computer Software Development Interlib Library Cluster Automation Management System up to version 2.
CVE-2024-31880 - Understanding and Exploiting the IBM Db2 Denial of Service Vulnerability
In June 2024, a new vulnerability—CVE-2024-31880—was publicly disclosed for IBM Db2 for Linux, UNIX, and Windows (including Db2 Connect Server), affecting versions 10.
CVE-2024-9264 - Grafana’s Experimental SQL Expressions Let Attackers Inject Code with `duckdb`
Grafana is one of the most popular open-source analytics and monitoring tools out there. But sometimes, new features can bring new risks – and CVE-2024-9264 proves
CVE-2023-39593 - Insecure Permissions in MariaDB sys_exec Function Explained
CVE-2023-39593 is a security issue that caused a buzz in the MariaDB user community. This potential vulnerability is about how the sys_exec function in
Episode
00:00:00
00:00:00