CVE-2024-6376 - Code Injection Vulnerability in MongoDB Compass via ejson Shell Parser
CVE-2024-6376 is a critical code injection vulnerability that affects MongoDB Compass—the popular GUI for MongoDB databases. The flaw is tied to insufficient sandbox protection
CVE-2024-3330: Critical Vulnerability in Spotfire Analyst, Spotfire Server, and Spotfire for AWS Marketplace with Potential for Arbitrary Code Execution
A critical vulnerability (CVE-2024-3330) has been discovered in TIBCO's Spotfire product suite, including Spotfire Analyst, Spotfire Server, and Spotfire for AWS Marketplace. Successful
CVE-2024-35260 - Exploiting Microsoft Dataverse’s Untrusted Search Path Vulnerability for Remote Code Execution
CVE-2024-35260 is a newly disclosed vulnerability affecting Microsoft Dataverse—a key data platform used in Microsoft Power Platform and various Dynamics 365 applications. This vulnerability
CVE-2024-6154 - Parallels Desktop Toolgate Heap-Based Buffer Overflow Leading to Local Privilege Escalation
Parallels Desktop is a widely-used application for running virtual machines (VMs) on macOS. It’s popular among developers, testers, and regular users who want Windows
CVE-2024-38082 - Uncovering the Microsoft Edge Chromium-Based Spoofing Vulnerability – How It Works and Why You Should Care
---
Introduction
In June 2024, Microsoft disclosed a new security vulnerability—CVE-2024-38082—affecting Edge, its popular Chromium-based web browser. This exploit allows malicious actors to
Episode
00:00:00
00:00:00