CVE-2024-38472 - SSRF in Apache HTTP Server (Windows) Leaking NTLM Hashes — Exploit Details and Mitigation Guide
A new vulnerability, CVE-2024-38472, was discovered in the Apache HTTP Server (httpd) for Windows. This is a Server-Side Request Forgery (SSRF) flaw that can lead
CVE-2024-36991 - Path Traversal Vulnerability in Splunk Enterprise on Windows
Splunk is one of the most popular platforms for searching, monitoring, and analyzing machine-generated big data. If you’re running Splunk Enterprise on Windows, there’
CVE-2024-6376 - Code Injection Vulnerability in MongoDB Compass via ejson Shell Parser
CVE-2024-6376 is a critical code injection vulnerability that affects MongoDB Compass—the popular GUI for MongoDB databases. The flaw is tied to insufficient sandbox protection
CVE-2024-3330: Critical Vulnerability in Spotfire Analyst, Spotfire Server, and Spotfire for AWS Marketplace with Potential for Arbitrary Code Execution
A critical vulnerability (CVE-2024-3330) has been discovered in TIBCO's Spotfire product suite, including Spotfire Analyst, Spotfire Server, and Spotfire for AWS Marketplace. Successful
CVE-2024-35260 - Exploiting Microsoft Dataverse’s Untrusted Search Path Vulnerability for Remote Code Execution
CVE-2024-35260 is a newly disclosed vulnerability affecting Microsoft Dataverse—a key data platform used in Microsoft Power Platform and various Dynamics 365 applications. This vulnerability
Episode
00:00:00
00:00:00