mitigation

February 19, 2025

Mitigating CVE-2024-27198: JetBrains TeamCity Authentication Bypass Vulnerability

Tech Stack: JetBrains TeamCity
Date(s) Issued: Published: March 4, 2024; Last Updated: November 29, 2024
Criticality: CVSS Score: 9.8 (Critical)
Overview: CVE-2024-27198 is a critical authentication […]

February 19, 2025

Mitigating CVE-2023-42793: JetBrains TeamCity Authentication Bypass Vulnerability

Tech Stack: JetBrains TeamCity
Date(s) Issued: Published: September 6, 2023; Last Updated: October 18, 2023
Criticality: CVSS Score: 9.8 (Critical)
Overview: CVE-2023-42793 is a critical authentication […]

January 28, 2025

Mitigating CVE-2024-4358: Authentication Bypass in Progress Telerik Report Server

Tech Stack: Date(s) Issued: Criticality: Overview: CVE-2024-4358 is an authentication bypass vulnerability in Progress Telerik Report Server versions 2024 Q1 (10.0.24.305) and earlier. An unauthenticated attacker […]

December 18, 2024

Mitigating CVE-2021-35211: Remote Code Execution Vulnerability in SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP

Tech Stack: SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP
Date(s) Issued: Published: 07/09/2021; Last Modified: 11/21/2024
Criticality: CVSS v3 Score: 8.8 – HIGH
Overview: […]

December 18, 2024

Mitigating CVE-2018-1303: Out-of-Bounds Read Vulnerability in Apache HTTP Server’s mod_cache_socache Module

Tech Stack: Apache HTTP Server (httpd)
Date(s) Issued: Published: 03/26/2018; Last Modified: 12/03/2024
Criticality: CVSS v2 Score: 5.0 – MEDIUM
Overview: CVE-2018-1303 is an out-of-bounds read […]

December 18, 2024

Mitigating CVE-2017-15715: Bypass Vulnerability in Apache HTTP Server

Tech Stack: Apache HTTP Server (httpd)
Date(s) Issued: Published: 03/24/2018; Last Modified: 12/09/2024
Criticality: CVSS v3 Score: 8.1 – HIGH
Overview: CVE-2017-15715 is a vulnerability in […]

December 18, 2024

Mitigating CVE-2015-2331: Integer Overflow Vulnerability in libzip and PHP’s ZIP Extension

Tech Stack: libzip and PHP’s ZIP Extension
Date(s) Issued: Published: 03/30/2015; Last Modified: 04/15/2015
Criticality: CVSS v2 Score: 7.5 – HIGH
Overview: CVE-2015-2331 is an integer […]

December 18, 2024

Mitigating CVE-2024-4358: Critical Authentication Bypass Vulnerability in Progress Telerik Report Server

Tech Stack: Progress Telerik Report Server on IIS
Date(s) Issued: Published: 05/29/2024; Last Modified: 11/21/2024
Criticality: CVSS v3 Score: 9.8 – CRITICAL
Overview: CVE-2024-4358 is a […]

December 17, 2024

Mitigating CVE-2023-22518: Critical Improper Authorization Vulnerability in Atlassian Confluence Data Center and Server

Tech Stack: Atlassian Confluence Data Center and Server
Date(s) Issued: Published: 10/31/2023; Last Modified: 11/20/2024
Criticality: CVSS v3 Score: 10.0 – CRITICAL
Overview: CVE-2023-22518 is a […]

December 17, 2024

Mitigating CVE-2017-1000486: Remote Code Execution Vulnerability in PrimeTek PrimeFaces

Tech Stack: PrimeTek PrimeFaces (JavaServer Faces)
Date(s) Issued: Published: 01/03/2018; Last Modified: 11/20/2024
Criticality: CVSS v3 Score: 9.8 – CRITICAL
Overview: CVE-2017-1000486 is a critical remote […]

December 16, 2024

Mitigating CVE-2024-55956: Unauthenticated Command Execution via Autorun Directory in Cleo Products

Tech Stack Date(s) Issued Criticality Overview This vulnerability is caused by insecure default settings in the Autorun Directory of Cleo Harmony, VLTrader, and LexiCom. An unauthenticated […]

December 16, 2024

Mitigating CVE-2024-50623: Unrestricted File Upload and Download Vulnerability in Cleo Products

Tech Stack Date(s) Issued Criticality Overview This vulnerability stems from insufficient validation or controls over file upload and download mechanisms in affected Cleo products. By exploiting […]