Spring Security has disclosed a critical vulnerability impacting WebFlux applications, enables an authorization bypass under specific conditions. If...
Vous n'êtes pas connecté
- English
- Français
- عربي
- Español
- Deutsch
- Português
- русский язык
- Català
- Italiano
- Nederlands, Vlaams
- Norsk
- فارسی
- বাংলা
- اردو
- Azərbaycan dili
- Bahasa Indonesia
- Հայերեն
- Ελληνικά
- Bosanski jezik
- українська мова
- Íslenska
- Türkmen, Түркмен
- Türkçe
- Shqip
- Eesti keel
- magyar
- Қазақ тілі
- Kalaallisut ; kalaallit oqaasii
- Lietuvių kalba
- Latviešu valoda
- македонски јазик
- Монгол
- Bahasa Melayu ; بهاس ملايو
- ဗမာစာ
- Slovenščina
- тоҷикӣ ; toğikī ; تاجیکی
- ไทย
- O'zbek ; Ўзбек ; أۇزبېك
- Tiếng Việt
- ភាសាខ្មែរ
- རྫོང་ཁ
- Soomaaliga ; af Soomaali
Maroc - THECYBERTHRONE.IN - A La Une - 22/Aug 01:19
Spring Security fixes CVE-2024-38810
A high-severity flaw has been discovered in Spring Security, potentially allowing unauthorized access to sensitive data within affected applications. Spring Security’s powerful method security features allow developers to control access to application methods using annotations like @PreAuthorize and @PostAuthorize. The vulnerability tracked as CVE-2024-38810 reveals a significant flaw: when objects are wrapped using @AuthorizeReturnObject or the AuthorizationAdvisorProxyFactory […]
Articles similaires
ServiceNow fixes CVE-2024-8923 and CVE-2024-8924
thecyberthrone.in - 31/Oct 17:07
ServiceNow has addressed two significant vulnerabilities, CVE-2024-8923 and CVE-2024-8924, which could enable unauthorized remote access, potentially...
Google fixes CVE-2024-43093 in Android OS
thecyberthrone.in - 16:55
Google has come with a warning about a vulnerability in the Android OS that is actively exploited in the wild. The vulnerability tracked as...
Progress fixes Critical vulnerability in Whatsup Gold
thecyberthrone.in - 28/Oct 14:31
Progress Software has disclosed a critical vulnerability in its popular network monitoring solution, WhatsUp Gold, that exposes organizations to...
Apache Lucene fixes CVE-2024-43383
thecyberthrone.in - 02/Nov 04:02
Apache Lucene.NET, an open-source search library has been discovered having a security flaw that could allow attackers to remotely execute malicious...
Android flaw CVE-2024-43093 may be under limited, targeted exploitation
securityaffairs.co - 08:51
Google warned that a vulnerability, tracked as CVE-2024-43093, in the Android OS is actively exploited in the wild. Threat actors are actively...
Fortinet warns of new critical FortiManager flaw used in zero-day attacks
bleepingcomputer.com - 23/Oct 15:05
Fortinet publicly disclosed today a critical FortiManager API vulnerability, tracked as CVE-2024-47575, that was exploited in zero-day attacks to...
Researchers Discover Command Injection Flaw in Wi-Fi Alliance’s Test Suite
itsecuritynews.info - 25/Oct 14:34
A security flaw impacting the Wi-Fi Test Suite could enable unauthenticated local attackers to execute arbitrary code with elevated privileges. The...
Researchers Discover Command Injection Flaw in Wi-Fi Alliance’s Test Suite
itsecuritynews.info - 25/Oct 14:34
A security flaw impacting the Wi-Fi Test Suite could enable unauthenticated local attackers to execute arbitrary code with elevated privileges. The...
Squid Proxy has a DoS Vulnerability CVE-2024-45802
thecyberthrone.in - 30/Oct 06:47
The SQUID project has released patches for a high-severity DoS vulnerability in Squid. This vulnerability, tracked as CVE-2024-45802 with...
Les derniers communiqués
-
Aucun élément