
CVE-2024-40715: Authentication Bypass Threat in Veeam Backup Enterprise Manager

Penetration Testing

Veeam recently disclosed a new security vulnerability, tracked as CVE-2024-40715, that impacts Veeam Backup Enterprise Manager. This flaw is classified as a high-severity vulnerability,... The post CVE-2024-40715: Authentication Bypass Threat in Veeam Backup Enterprise Manager appeared first on Cybersecurity News.


CVE-2024-9488 (CVSS 9.8): Authentication Bypass Flaw in wpDiscuz Plugin, Over 80,000 Sites at Risk

Penetration Testing

A critical authentication bypass vulnerability has been discovered in wpDiscuz, a widely used WordPress plugin with over 80,000 active installations.


CVE-2024-4985 (CVSS 10): Critical Authentication Bypass Flaw Found in GitHub Enterprise Server

Penetration Testing

GitHub, the world’s leading software development platform, has disclosed a critical security vulnerability (CVE-2024-4985) in its self-hosted GitHub Enterprise Server (GHES) product.


CVE-2024-55661: RCE Vulnerability Discovered in Laravel Pulse Monitoring Tool

Penetration Testing

Tracked as CVE-2024-55661, this vulnerability could allow authenticated...


CVE-2024-43441: Authentication Bypass Vulnerability Found in Apache HugeGraph-Server

Penetration Testing

The Apache Software Foundation has disclosed a critical vulnerability, CVE-2024-43441, affecting Apache HugeGraph-Server, a widely used open-source graph database system.


CVE-2024-46483 (CVSS 9.8): Xlight FTP Server Flaw Leaves Users Exposed to Remote Attacks, PoC Published

Penetration Testing

Designated as CVE-2024-46483, this pre-authentication...


Okta Discloses Authentication Vulnerability in AD/LDAP DelAuth, Urges Customer Review

Penetration Testing

On October 30, 2024, Okta announced a critical security advisory addressing a vulnerability in its AD/LDAP Delegated Authentication (DelAuth) system.