CVE-2024-29849: Veeam discloses Critical Vulnerability that allows attackers to bypass user authentication on its Backup Enterprise Manager web interface

On May 21, 2024, Veeam revealed a severe flaw across its Veeam Backup Enterprise Manager (VBEM) web interface that enables an unauthenticated attacker to log into the web interface as any user. Offici ...

Continue Reading

June 11, 2024

CVE-2024-29855

Hard-coded JWT secret allows authentication bypass in Veeam Recovery...Read More ...

Continue Reading

June 11, 2024

CVE-2024-29855

Hard-coded JWT secret allows authentication bypass in Veeam Recovery...Read More ...

Continue Reading

June 11, 2024

CVE-2024-29855

Hard-coded JWT secret allows authentication bypass in Veeam Recovery...Read More ...

Continue Reading

June 11, 2024

Authentication Bypass By Spoofing

github.com/openshift/telemeter/ is vulnerable to Authentication Bypass By Spoofing. The vulnerability is due to improper checks which allows an attacker to bypass the issue ("iss") c ...

Continue Reading

June 11, 2024

Authentication Bypass By Spoofing

github.com/kubernetes/kubernetes/ is vulnerable to Authentication Bypass By Spoofing. The vulnerability is due to improper issuers check which allows an attacker to bypass the issue ("iss& ...

Continue Reading

June 11, 2024

RHEL 8 : python-jwt (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. python-jwt: Key con ...

Continue Reading

June 09, 2024

CVE-2024-5483 LearnPress – WordPress LMS Plugin <= 4.2.6.8 – Basic Information Disclosure via JSON API

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.2.6.8 due to incorrect implementation of get_items_ ...

Continue Reading

June 07, 2024

1 396 397 398 399 400 551

Back to Main
Subscribe for the latest news: