CVE-2024-4358: Unauthenticated Access to Restricted Telerik Report Server Functionality
The vulnerability, CVE-2024-4358, affects the Telerik Report Server version 2024 Q1 (10..24.305) or earlier, running on Microsoft's Internet Information Services (IIS)
CVE-2024-36428: Critical Vulnerability in OrangeHRM 3.3.3 - Admin/ViewProjects sortOrder SQL Injection Exploit
In this post, we will discuss a critical vulnerability (CVE-2024-36428) that affects OrangeHRM, an open-source human resource management (HRM) solution. This particular vulnerability allows SQL
CVE-2024-34477: Privilege Escalation Vulnerability in FOG's ConfigureNFS Function
A new vulnerability has been discovered in FOG's configureNFS function, which is located in the lib/common/functions.sh file. FOG is an
CVE-2024-5201 - Privilege Escalation in OpenText Dimensions RM through HTTP Request Manipulation
A recent vulnerability, CVE-2024-5201, has been discovered in the OpenText Dimensions RM software which allows authenticated users to escalate their privileges to that of another
CVE-2024-35222 - Tauri Remote Origin iFrames Vulnerability Allows Attackers to Access IPC Endpoints and Execute Potentially Unwanted Commands
Tauri is a popular, lightweight framework used for building desktop applications for various platforms, such as Windows, macOS, and Linux. Recently, a vulnerability was discovered