CVE-2023-28625: mod_auth_openidc NULL Pointer Dereference Vulnerability
mod_auth_openidc is a popular authentication and authorization module for the Apache 2.x HTTP server. It implements OpenID Connect Relying Party functionality, which
CVE-2023-28708: Session Cookies Missing Secure Attribute When RemoteIpFilter is Used in Apache Tomcat
A recently discovered security vulnerability, identified as CVE-2023-28708, exists in Apache Tomcat versions 11.0.0-M1 to 11.0.0-M2, 10.1.0-M1 to 10.1.5,
CVE-2023-23408: Unveiling the Azure Apache Ambari Spoofing Vulnerability and Useful Remediation Tips
In this post, we will explore a relatively new vulnerability CVE-2023-23408, discovered in Azure Apache Ambari, an open-source software framework that helps in the provisioning,
CVE-2023-26464: Memory Exhaustion Vulnerability in Log4j 1.x When Using Chainsaw or SocketAppender Components on JRE Less Than 1.7
In this post, we will discuss a vulnerability found in Apache Log4j 1.x when used with Chainsaw or SocketAppender components on Java Runtime Environment
CVE-2023-23638: Dubbo Deserialization Vulnerability, Malicious Code Execution, and Exploit Details
A critical deserialization vulnerability (CVE-2023-23638) has been identified in the widely-used open-source RPC framework, Apache Dubbo. This vulnerability allows an attacker to execute malicious code