CVE-2024-24773 - Bypassing Data Authorization by Exploiting Improper Parsing of Nested SQL Statements in SQLLab (Apache Superset)
The vulnerability (CVE-2024-24773) is found in Apache Superset, a popular open-source platform for data visualization. The issue allows authenticated users to bypass their data authorization
CVE-2024-21742 – Header Injection Vulnerability in MIME4J Library Exploitable by Improper Input Validation
Apache MIME4J is a widely used Java library for parsing, generating, and editing MIME messages. The library provides the ability to work with the Internet
CVE-2023-50380: XML External Entity Injection Vulnerability in Apache Ambari Versions <= 2.7.7
A severe security vulnerability has been discovered in Apache Ambari versions up to and including 2.7.7, which can lead to root-level file reading
CVE-2024-27905: A Critical Vulnerability in Unsupported Apache Aurora Projects Leading to Sensitive Information Exposure
CVE-2024-27905 refers to a critical vulnerability that exposes sensitive information to unauthorized actors in Apache Aurora projects. This vulnerability can be potentially exploited by malicious
CVE-2023-51747 - Apache James SMTP Smuggling Vulnerability and How to Mitigate It
Recent findings indicate that Apache James email servers prior to versions 3.8.1 and 3.7.5 are potentially vulnerable to SMTP smuggling. The
Episode
00:00:00
00:00:00