CVE-2023-38035: Insufficiently Restrictive Apache HTTPD Configuration in MICS Admin Portal of Ivanti MobileIron Sentry May Allow Attackers to Bypass Authentication Controls
A recently discovered security vulnerability (CVE-2023-38035) has been found to affect the MICS (MobileIron Core Server) Admin Portal in Ivanti MobileIron Sentry in versions 9.
CVE-2022-46751: Apache Ivy XML External Entity (XXE) and XML Injection Vulnerabilities
Apache Software Foundation has recently addressed a critical security vulnerability in Apache Ivy, identified as CVE-2022-46751. The flaw is categorized as an improper restriction of
CVE-2023-34478 - Apache Shiro Path Traversal Attack and Authentication Bypass Vulnerability
In this post, we will delve into the details of a recently discovered security vulnerability, CVE-2023-34478, affecting Apache Shiro. We will discuss the cause of
CVE-2023-36543 - Apache Airflow Vulnerability Allows Authenticated Users to Execute Denial of Service Attacks in Versions before 2.6.3
Security researchers have recently identified a vulnerability in Apache Airflow, a popular open-source platform designed to build, schedule and monitor complex data workflows. The vulnerability,
CVE-2023-34981: Information Leak in Apache Tomcat due to Regression in Fix for Bug 66512
In this post, we will discuss the CVE-2023-34981 vulnerability, which is related to a regression in the fix for bug 66512 in Apache Tomcat version
Episode
00:00:00
00:00:00