CVE-2024-52046 Impacts Apache Mina

CVE-2024-52046 is a critical security vulnerability found in the Apache MINA library. This vulnerability is located within the ObjectSerializationDecoder component, which uses Java’s native serialization mechanisms to decode incoming serialized data. The core issue is the absence of robust security checks and validation during the deserialization process, allowing attackers to craft malicious serialized data that […]

Apache ActiveMQ Flaw Enables DoS Attacks via Malformed Network Packets

itsecuritynews.info - 06/Mar 10:36

Security researchers have uncovered a significant vulnerability in Apache ActiveMQ, a popular open-source message broker used by enterprises to route...

Chrome security flaw enabled spying via Gemini Live assistant

securityaffairs.co - 03/Mar 08:48

A Google Chrome vulnerability lets malicious extensions hijack Gemini Live to spy on users and steal sensitive files. Researchers at Palo Alto...

Critical SQL Injection bug in Ally plugin threatens 400,000+ WordPress sites

securityaffairs.co - 12/Mar 13:25

An unauthenticated SQL injection flaw (CVE-2026-2413) in the Ally WordPress plugin, used on 400K+ sites, could allow attackers to steal sensitive...

Gogs Flaw Could Let Attackers Quietly Overwrite Large File Storage Data

itsecuritynews.info - 10/Mar 10:32

A critical security vulnerability has been identified in Gogs, a widely used open-source self-hosted Git service. / Tracked as CVE-2026-25921, this...

Gogs Flaw Could Let Attackers Quietly Overwrite Large File Storage Data

itsecuritynews.info - 10/Mar 10:32

A critical security vulnerability has been identified in Gogs, a widely used open-source self-hosted Git service. / Tracked as CVE-2026-25921, this...

Langflow CSV Agent Flaw Could Let Attackers Execute Arbitrary Code

itsecuritynews.info - 02/Mar 12:16

A critical vulnerability has been discovered in Langflow, a popular low-code tool used for building applications with Large Language Models (LLMs)....

Langflow CSV Agent Flaw Could Let Attackers Execute Arbitrary Code

itsecuritynews.info - 02/Mar 12:16

A critical vulnerability has been discovered in Langflow, a popular low-code tool used for building applications with Large Language Models (LLMs)....

CISA Reveals New Details on RESURGE Malware Exploiting Ivanti Zero-Day Vulnerability

itsecuritynews.info - 15:34

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published fresh technical insights into RESURGE, a malicious implant leveraged...

AVideo Platform Vulnerability Allows Hackers to Hijack Streams via Zero-Click Command Injection

itsecuritynews.info - 06/Mar 12:34

A highly critical security flaw has been disclosed in the AVideo platform, leaving media servers exposed to complete system takeover. Tracked as...

AVideo Platform Vulnerability Allows Hackers to Hijack Streams via Zero-Click Command Injection

itsecuritynews.info - 06/Mar 12:34

A highly critical security flaw has been disclosed in the AVideo platform, leaving media servers exposed to complete system takeover. Tracked as...

Rubriques :

CVE-2024-52046 Impacts Apache Mina

Articles similaires

Apache ActiveMQ Flaw Enables DoS Attacks via Malformed Network Packets

Chrome security flaw enabled spying via Gemini Live assistant

Critical SQL Injection bug in Ally plugin threatens 400,000+ WordPress sites

Gogs Flaw Could Let Attackers Quietly Overwrite Large File Storage Data

Gogs Flaw Could Let Attackers Quietly Overwrite Large File Storage Data

Langflow CSV Agent Flaw Could Let Attackers Execute Arbitrary Code

Langflow CSV Agent Flaw Could Let Attackers Execute Arbitrary Code

CISA Reveals New Details on RESURGE Malware Exploiting Ivanti Zero-Day Vulnerability

AVideo Platform Vulnerability Allows Hackers to Hijack Streams via Zero-Click Command Injection

AVideo Platform Vulnerability Allows Hackers to Hijack Streams via Zero-Click Command Injection

Les derniers communiqués