Spring Cloud Gateway Actuator Code Injection (CVE-2022-22947): A Deeper Dive for Security Researchers
Spring Cloud Gateway Actuator Code Injection (CVE-2022-22947): A Deeper Dive for Security Researchers
2024-05-19
James McGill
CVE-2024-22416: CSRF Vulnerability in pyLoad (pyload-ng)
CVE-2024-22416: CSRF Vulnerability in pyLoad (pyload-ng)
2024-05-19
James McGill
CVE-2023-1177: Path Traversal Vulnerability in MLflow
CVE-2023-1177: Path Traversal Vulnerability in MLflow
2024-05-19
James McGill
CVE-2024-1561: Unauthorized Local File Read Vulnerability in Gradio Applications
CVE-2024-1561: Unauthorized Local File Read Vulnerability in Gradio Applications
2024-05-12
James McGill
CVE-2024-27956: SQL Injection Vulnerability in ValvePress Automatic (WP-Automatic)
CVE-2024-27956: SQL Injection Vulnerability in ValvePress Automatic (WP-Automatic)
2024-05-05
James McGill
CVE-2023-23752: Improper Access Control in Joomla! Versions 4.0.0 through 4.2.7
CVE-2023-23752: Improper Access Control in Joomla! Versions 4.0.0 through 4.2.7
2024-05-05
James McGill
CVE-2024-4040: A Critical CrushFTP Server-Side Template Injection Vulnerability
CVE-2024-4040: A Critical CrushFTP Server-Side Template Injection Vulnerability
2024-05-02
James McGill
CVE-2023-33733: RCE in Reportlab's HTML Parser
CVE-2023-33733: RCE in Reportlab's HTML Parser
2024-05-02
James McGill
Unmasking Ray's Vulnerability: A Deep Dive into CVE-2023-48022
Unmasking Ray's Vulnerability: A Deep Dive into CVE-2023-48022
2024-04-21
James McGill
Redis Exploit: A Technical Deep Dive into CVE-2022-24834
Redis Exploit: A Technical Deep Dive into CVE-2022-24834
2024-04-21
James McGill
CVE-2024-27198: Dissecting a Critical Authentication Bypass in JetBrains TeamCity
CVE-2024-27198: Dissecting a Critical Authentication Bypass in JetBrains TeamCity
2024-04-01
James McGill
CVE-2021-43798: Dissecting the Grafana Path Traversal Vulnerability
CVE-2021-43798: Dissecting the Grafana Path Traversal Vulnerability
2024-03-30
James McGill
Authenticated Server-Side Template Injection with Sandbox Bypass in Grav CMS (CVE-2024-28116)
Authenticated Server-Side Template Injection with Sandbox Bypass in Grav CMS (CVE-2024-28116)
2024-03-24
James McGill
SQL Injection Alert! Dissecting CVE-2024-1698 in NotificationX for WordPress
SQL Injection Alert! Dissecting CVE-2024-1698 in NotificationX for WordPress
2024-03-10
James McGill
Dissecting the CVE-2023-39362 Command Injection Vulnerability in Cacti
Dissecting the CVE-2023-39362 Command Injection Vulnerability in Cacti
2024-03-10
James McGill
CVE-2023-33246: A Critical RCE Vulnerability in Apache RocketMQ
CVE-2023-33246: A Critical RCE Vulnerability in Apache RocketMQ
2024-03-03
James McGill
CVE-2023-43804: A Deep Dive into the urllib3 Cookie Leakage Vulnerability
CVE-2023-43804: A Deep Dive into the urllib3 Cookie Leakage Vulnerability
2024-02-25
James McGill
CVE-2021-3129 Proof of Concept: In-Depth Exploration of the Laravel Ignition RCE Vulnerability
CVE-2021-3129 Proof of Concept: In-Depth Exploration of the Laravel Ignition RCE Vulnerability
2024-02-14
James McGill
Cracking Containers: Understanding CVE-2024-21626 in runc
Cracking Containers: Understanding CVE-2024-21626 in runc
2024-02-18
James McGill
Unraveling Arbitrary Code Execution in Apache Commons Text (CVE-2022-42889) with PoC
Unraveling Arbitrary Code Execution in Apache Commons Text (CVE-2022-42889) with PoC
2024-01-13
James McGill
CVE-2023-32315: Understanding the Openfire Admin Console Path Traversal Vulnerability
CVE-2023-32315: Understanding the Openfire Admin Console Path Traversal Vulnerability
2024-02-07
James McGill
CVE-2024-23897: A Critical RCE Vulnerability in Jenkins
CVE-2024-23897: A Critical RCE Vulnerability in Jenkins
2024-01-29
James McGill
Demystifying CVE-2021-4034: Unpacking the Polkit pkexec RCE Vulnerability
Demystifying CVE-2021-4034: Unpacking the Polkit pkexec RCE Vulnerability
2024-01-21
James McGill
Decoding SaltStack Salt's Vulnerability: A Deep Dive into CVE-2020-11651
Decoding SaltStack Salt's Vulnerability: A Deep Dive into CVE-2020-11651
2024-01-21
James McGill
XSS Threat of CVE-2023-0107 in Memos
XSS Threat of CVE-2023-0107 in Memos
2023-01-13
James McGill
Decoding CVE-2022-22965: Spring's RCE Vulnerability
Decoding CVE-2022-22965: Spring's RCE Vulnerability
2024-01-08
James McGill
CVE-2023-38646: Analyzing the Critical Metabase Security Vulnerability
CVE-2023-38646: Analyzing the Critical Metabase Security Vulnerability
2024-01-01
James McGill
CVE-2022-45875: A Deep Dive into Improper Input Validation and RCE in Apache DolphinScheduler
CVE-2022-45875: A Deep Dive into Improper Input Validation and RCE in Apache DolphinScheduler
2023-12-22
James McGill
Delving Deeper into the CVE-2023-27524 Exploit: Authentication Bypass in Apache Superset
Delving Deeper into the CVE-2023-27524 Exploit: Authentication Bypass in Apache Superset
2023-12-24
James McGill
Follina Zero-Day Exploit (CVE-2022-30190): Technical Deep Dive
Follina Zero-Day Exploit (CVE-2022-30190): Technical Deep Dive
2023-12-16
James McGill
CVE-2023-43770: Diving Deep into a Roundcube XSS Vulnerability with Code Analysis
CVE-2023-43770: Diving Deep into a Roundcube XSS Vulnerability with Code Analysis
2023-12-13
James McGill
CVE-2023-49103:  A Critical ownCloud Flaw Under Attack
CVE-2023-49103: A Critical ownCloud Flaw Under Attack
2023-12-06
James McGill
CVE-2023-27372: Remote Code Execution in SPIP
CVE-2023-27372: Remote Code Execution in SPIP
July 30, 2023
Muhammad Kamran Hasan
CVE-2023-24626: Privilege Escalation in GNU Screen
CVE-2023-24626: Privilege Escalation in GNU Screen
July 30, 2023
Muhammad Kamran Hasan
CVE-2023-33246: Remote Code Execution vulnerability in Apache RocketMQ
CVE-2023-33246: Remote Code Execution vulnerability in Apache RocketMQ
July 23, 2023
Muhammad Kamran Hasan
CVE-2023-2825: A Path Traversal Vulnerability in GitLab
CVE-2023-2825: A Path Traversal Vulnerability in GitLab
July 13, 2023
Muhammad Kamran Hasan
CVE-2023-36053: A Denial of Service Vulnerability in Django
CVE-2023-36053: A Denial of Service Vulnerability in Django
July 13, 2023
Muhammad Kamran Hasan
CVE-2023-22809 sudoedit Privilege Escalation Vulnerability: Comprehensive Analysis
CVE-2023-22809 sudoedit Privilege Escalation Vulnerability: Comprehensive Analysis
July 10, 2023
Muhammad Kamran Hasan
CVE-2023-32784: Master Password Disclosure in KeePass
CVE-2023-32784: Master Password Disclosure in KeePass
July 10, 2023
Muhammad Kamran Hasan
CVE-2023-0179: A Buffer Overflow Vulnerability in the Linux Kernel
CVE-2023-0179: A Buffer Overflow Vulnerability in the Linux Kernel
June 27, 2023
Muhammad Kamran Hasan
IDOR Vulnerability in Microsoft Teams Poses Serious Security Risk
IDOR Vulnerability in Microsoft Teams Poses Serious Security Risk
June 26, 2023
Muhammad Kamran Hasan
Third MOVEit Transfer Vulnerability Discovered, Cl0p Ransomware Gang Exploiting
Third MOVEit Transfer Vulnerability Discovered, Cl0p Ransomware Gang Exploiting
June 19, 2023
Muhammad Kamran Hasan
Unlocking the Secrets of CVE-2017-14798: PostgreSQL Privilege Escalation Unleashed
Unlocking the Secrets of CVE-2017-14798: PostgreSQL Privilege Escalation Unleashed
June 16, 2023
Muhammad Kamran Hasan