CVE-2024-55591 - Authentication Bypass in FortiOS and FortiProxy via Node.js WebSocket
In June 2024, a severe vulnerability was disclosed in Fortinet’s FortiOS and FortiProxy products, identified as CVE-2024-55591. The flaw enables remote attackers
CVE-2024-54151 - Critical Directus WebSockets Vulnerability—How Unauthenticated Users Can Become Admins
Directus is a popular open-source platform that turns any SQL database into a powerful real-time API and user-friendly admin dashboard. With Directus,
CVE-2024-9693 - How a GitLab Kubernetes Agent Flaw Risked Your Cluster – Explained with Code and Exploit Details
In early 2024, GitLab disclosed a serious vulnerability (CVE-2024-9693) affecting its Community Edition (CE) and Enterprise Edition (EE) products. This vulnerability put countless
CVE-2024-52532 - Infinite Loop and Memory Exhaustion in GNOME libsoup’s WebSocket Handling
A critical vulnerability has been found in the popular GNOME libsoup library, identified as CVE-2024-52532. This bug can lead to memory exhaustion and
CVE-2024-42340 - Breaking Down CyberArk’s Dangerous Client-Side Security Flaw (CWE-602)
In June 2024, a critical security vulnerability was disclosed in the CyberArk Privileged Access Security (PAS) Solution, tracked as CVE-2024-42340. This vulnerability is