Explore >> Select a destination
|
You are here 
|
krebsonsecurity.com | ||
| | | | |
www.imperva.com
|
|
| | | | | Recently, a critical vulnerability in the widely used Apache OFBiz framework was disclosed, designated CVE-2024-45195. This vulnerability allows for unauthenticated remote code execution (RCE), making it an especially dangerous flaw for organizations using OFBiz in their business operations. An attacker without valid credentials can exploit missing view authorization checks in the web application, bypassing previous [...] | |
| | | | |
thehackernews.com
|
|
| | | | | A critical vulnerability (CVE-2024-3400) in Palo Alto Networks PAN-OS is being actively exploited by threat actors. | |
| | | | |
m417z.com
|
|
| | | | | This is a write-up of a vulnerability that I discovered in Windows. The vulnerability was patched in December's Patch Tuesday, and the CVE assigned to it is CVE-2023-36003. The vulnerability allows a non-elevated process to inject a DLL into an elevated or otherwise inaccessible process, allowing for privilege escalation. The vulnerability is caused by a lack of security checks in the InitializeXamlDiagnosticsEx API, which is used for inspecting applications that use Extensible Application Markup Language (XAML) for their UI. XAML is the recommended way to build user interfaces in new Windows applications, and is used by more and more built-in applications, including Task Manager and Windows Terminal. | |
| | | | |
www.securitymagazine.com
|
|
| | | |||
