CVE-2024-52046 Impacts Apache Mina

CVE-2024-52046 is a critical security vulnerability found in the Apache MINA library. This vulnerability is located within the ObjectSerializationDecoder component, which uses Java’s native serialization mechanisms to decode incoming serialized data. The core issue is the absence of robust security checks and validation during the deserialization process, allowing attackers to craft malicious serialized data that […]

Apache ActiveMQ Flaw Enables DoS Attacks via Malformed Network Packets

itsecuritynews.info - 06/Mar 10:36

Security researchers have uncovered a significant vulnerability in Apache ActiveMQ, a popular open-source message broker used by enterprises to route...

Critical SQL Injection bug in Ally plugin threatens 400,000+ WordPress sites

securityaffairs.co - 12/Mar 13:25

An unauthenticated SQL injection flaw (CVE-2026-2413) in the Ally WordPress plugin, used on 400K+ sites, could allow attackers to steal sensitive...

Gogs Flaw Could Let Attackers Quietly Overwrite Large File Storage Data

itsecuritynews.info - 10/Mar 10:32

A critical security vulnerability has been identified in Gogs, a widely used open-source self-hosted Git service. / Tracked as CVE-2026-25921, this...

Gogs Flaw Could Let Attackers Quietly Overwrite Large File Storage Data

itsecuritynews.info - 10/Mar 10:32

A critical security vulnerability has been identified in Gogs, a widely used open-source self-hosted Git service. / Tracked as CVE-2026-25921, this...

CISA Reveals New Details on RESURGE Malware Exploiting Ivanti Zero-Day Vulnerability

itsecuritynews.info - 14/Mar 15:34

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published fresh technical insights into RESURGE, a malicious implant leveraged...

Claude Vulnerabilities Allow Data Exfiltration and User Redirection to Malicious Sites

itsecuritynews.info - 14:07

Three chained vulnerabilities in Claude.ai, Anthropic’s widely used AI assistant, that together allow attackers to silently exfiltrate sensitive...

Claude Vulnerabilities Allow Data Exfiltration and User Redirection to Malicious Sites

itsecuritynews.info - 14:07

Three chained vulnerabilities in Claude.ai, Anthropic’s widely used AI assistant, that together allow attackers to silently exfiltrate sensitive...

AVideo Platform Vulnerability Allows Hackers to Hijack Streams via Zero-Click Command Injection

itsecuritynews.info - 06/Mar 12:34

A highly critical security flaw has been disclosed in the AVideo platform, leaving media servers exposed to complete system takeover. Tracked as...

AVideo Platform Vulnerability Allows Hackers to Hijack Streams via Zero-Click Command Injection

itsecuritynews.info - 06/Mar 12:34

A highly critical security flaw has been disclosed in the AVideo platform, leaving media servers exposed to complete system takeover. Tracked as...

Critical Nginx UI flaw CVE-2026-27944 exposes server backups

securityaffairs.co - 08/Mar 19:10

Nginx UI flaw CVE-2026-27944 lets attackers download and decrypt server backups without authentication, exposing sensitive data on public management...

Rubriques :

CVE-2024-52046 Impacts Apache Mina

Articles similaires

Apache ActiveMQ Flaw Enables DoS Attacks via Malformed Network Packets

Critical SQL Injection bug in Ally plugin threatens 400,000+ WordPress sites

Gogs Flaw Could Let Attackers Quietly Overwrite Large File Storage Data

Gogs Flaw Could Let Attackers Quietly Overwrite Large File Storage Data

CISA Reveals New Details on RESURGE Malware Exploiting Ivanti Zero-Day Vulnerability

Claude Vulnerabilities Allow Data Exfiltration and User Redirection to Malicious Sites

Claude Vulnerabilities Allow Data Exfiltration and User Redirection to Malicious Sites

AVideo Platform Vulnerability Allows Hackers to Hijack Streams via Zero-Click Command Injection

AVideo Platform Vulnerability Allows Hackers to Hijack Streams via Zero-Click Command Injection

Critical Nginx UI flaw CVE-2026-27944 exposes server backups

Les derniers communiqués