Ethical Hacking - Vulnerability
![Python-JOSE Security Risk: CVE-2024-33663 Explained](https://images.ctfassets.net/64984aro4ssj/3oimMUfOPh6ooFCJb3Qnq/d1ce617db200f3d56116e6a183d816ca/kamran_CVE-2024-33663.jpg)
Python-JOSE Security Risk: CVE-2024-33663 Explained
2024-07-21
![CVE-2024-27316: A Deep Dive into the nghttp2 Header Overflow](https://images.ctfassets.net/64984aro4ssj/R6Lf0SFBGAhX9XXaavOb5/a4f0a24533faeca681d8667a45926aaf/kamran_CVE-2024-27316.jpg)
CVE-2024-27316: A Deep Dive into the nghttp2 Header Overflow
2024-07-21
![CVE-2024-36401: GeoServer and GeoTools - XPath Injection via commons-jxpath](https://images.ctfassets.net/64984aro4ssj/2OKaYiJ1yWFigyUWdX5iS1/ea6dd06bad9abbdc82fd3d2dfac508f0/kamran_CVE-2024-36401.jpg)
CVE-2024-36401: GeoServer and GeoTools - XPath Injection via commons-jxpath
2024-06-13
![A Deep Dive into CVE-2024-37032 (Ollama RCE Vulnerability)](https://images.ctfassets.net/64984aro4ssj/1J85kvhENecOnxbNYYPRCa/704aef3bce745d25034773cd915ed8ce/kamran_CVE-2024-37032.jpg)
A Deep Dive into CVE-2024-37032 (Ollama RCE Vulnerability)
2024-06-30
![CVE-2024-28102: JWCrypto DoS Vulnerability](https://images.ctfassets.net/64984aro4ssj/1JHmZf3o9Fc8qTZKY14ZBD/66cb6a51c46411149acb60b050b57bd9/kamran_CVE-2024-28102.jpg)
CVE-2024-28102: JWCrypto DoS Vulnerability
2024-06-23
![CVE-2024-38355: Technical Analysis of Unhandled Exception in Socket.IO](https://images.ctfassets.net/64984aro4ssj/46L0EVUF5cRIV7O05HE8Dd/a4c022280d01834d7445f1647b950dae/kamran_CVE-2024-38355.jpg)
CVE-2024-38355: Technical Analysis of Unhandled Exception in Socket.IO
2024-06-23
![CVE-2024-27348: Dissecting the RCE Vulnerability in Apache HugeGraph Server](https://images.ctfassets.net/64984aro4ssj/5o2Kyw50r86xznGafjA1z3/87b158413b626ac229e8964a4efd050c/kamran_CVE_template-2024-27348.jpg)
CVE-2024-27348: Dissecting the RCE Vulnerability in Apache HugeGraph Server
2024-06-16
![Unmasking CVE-2024-28255: Authentication Bypass in OpenMetadata](https://images.ctfassets.net/64984aro4ssj/7C5vda1kXHDDp2O5tnkA4q/4672d0f969e32ec576183cc8a51badc0/kamran_CVE-2024-28255.jpg)
Unmasking CVE-2024-28255: Authentication Bypass in OpenMetadata
2024-06-16
![CVE-2024-23346: Arbitrary Code Execution in Pymatgen via Insecure Deserialization](https://images.ctfassets.net/64984aro4ssj/2EEnMSJAX96NgMYqgLHvBP/f9d9e5a4d82391534cec109ccd401ec5/cve-2024-23346.png)
CVE-2024-23346: Arbitrary Code Execution in Pymatgen via Insecure Deserialization
2024-05-26
![CVE-2022-44268: Dissecting the ImageMagick Arbitrary File Disclosure Vulnerability](https://images.ctfassets.net/64984aro4ssj/Oezx8NXW7u3Gnya4bc0qC/0d0f500563601e30bf409fcc5ebe8c49/cve-2022-44268.png)
CVE-2022-44268: Dissecting the ImageMagick Arbitrary File Disclosure Vulnerability
2024-05-26
![Spring Cloud Gateway Actuator Code Injection (CVE-2022-22947): A Deeper Dive for Security Researchers](https://images.ctfassets.net/64984aro4ssj/2UEe6Rb6HCM6xnTOgaLSuG/6c7721189f4700296db13f37291fc13f/cve-2022-22947.png)
Spring Cloud Gateway Actuator Code Injection (CVE-2022-22947): A Deeper Dive for Security Researchers
2024-05-19
![CVE-2024-22416: CSRF Vulnerability in pyLoad (pyload-ng)](https://images.ctfassets.net/64984aro4ssj/5hrd9GMVlb26tolwJNqZQu/d0234feefecb76314701d6fa42b94f12/cve-2024-22416.png)
CVE-2024-22416: CSRF Vulnerability in pyLoad (pyload-ng)
2024-05-19
![CVE-2023-1177: Path Traversal Vulnerability in MLflow](https://images.ctfassets.net/64984aro4ssj/2XwlRtnwCBMblCL9YKdT4g/29af10ba199e1cc087dcb0cda113594f/cve-2023-1171.png)
CVE-2023-1177: Path Traversal Vulnerability in MLflow
2024-05-19
![CVE-2024-1561: Unauthorized Local File Read Vulnerability in Gradio Applications](https://images.ctfassets.net/64984aro4ssj/2eNccw7Zlltqh5RcJmJYHU/1deda62ea22f7f9511e068b878918fea/kamran_CVE-2024-1561.jpg)
CVE-2024-1561: Unauthorized Local File Read Vulnerability in Gradio Applications
2024-05-12
![CVE-2024-27956: SQL Injection Vulnerability in ValvePress Automatic (WP-Automatic)](https://images.ctfassets.net/64984aro4ssj/725MnN5iZjp4GeA9yzjhpY/e5fc49cca11235bf1c1c722403b26436/kamran_CVE-2024-27956.jpg)
CVE-2024-27956: SQL Injection Vulnerability in ValvePress Automatic (WP-Automatic)
2024-05-05
![CVE-2023-23752: Improper Access Control in Joomla! Versions 4.0.0 through 4.2.7](https://images.ctfassets.net/64984aro4ssj/53juJtzu06AqBbz4uEd6YT/b96d341e4a66f511b20ca17c1be41d99/kamran_CVE-2023-23752.jpg)
CVE-2023-23752: Improper Access Control in Joomla! Versions 4.0.0 through 4.2.7
2024-05-05
![CVE-2024-4040: A Critical CrushFTP Server-Side Template Injection Vulnerability](https://images.ctfassets.net/64984aro4ssj/giAQ1wBYnNnnvhrxWAXnJ/29a36d5412ebfd6a882bf86d01fe7f63/cve-2024-4040.png)
CVE-2024-4040: A Critical CrushFTP Server-Side Template Injection Vulnerability
2024-05-02
![CVE-2023-33733: RCE in Reportlab's HTML Parser](https://images.ctfassets.net/64984aro4ssj/3ypERRgFwNrHbHolAO9XYn/ceeffd5e18455c572add7399c192cce5/cve-2023-33733.png)
CVE-2023-33733: RCE in Reportlab's HTML Parser
2024-05-02
![Unmasking Ray's Vulnerability: A Deep Dive into CVE-2023-48022](https://images.ctfassets.net/64984aro4ssj/qMN1md4CkbJawjjlwTDAu/f1f483d035664e6f395c4c13ae1fce36/cve-2023-48022.png)
Unmasking Ray's Vulnerability: A Deep Dive into CVE-2023-48022
2024-04-21
![Redis Exploit: A Technical Deep Dive into CVE-2022-24834](https://images.ctfassets.net/64984aro4ssj/33lkC5gQ9vf0ozkbibvstl/24f4e100c1ae77a648f86d9301bb796d/cve-2022-24834.png)
Redis Exploit: A Technical Deep Dive into CVE-2022-24834
2024-04-21
![CVE-2024-27198: Dissecting a Critical Authentication Bypass in JetBrains TeamCity](https://images.ctfassets.net/64984aro4ssj/6LkBmSdPHod8u1EnnMbfG/fa2d8f4b0bb5fb7285bbb46ed9f8a6fc/cve-2024-27198.png)
CVE-2024-27198: Dissecting a Critical Authentication Bypass in JetBrains TeamCity
2024-04-01
![CVE-2021-43798: Dissecting the Grafana Path Traversal Vulnerability](https://images.ctfassets.net/64984aro4ssj/3gcn2aZDyGgJN739GhssBj/4a6a4f2b0fe1f8cc57bbdf1f9f693883/kamran_CVE-2021-43798.jpg)
CVE-2021-43798: Dissecting the Grafana Path Traversal Vulnerability
2024-03-30
![Authenticated Server-Side Template Injection with Sandbox Bypass in Grav CMS (CVE-2024-28116)](https://images.ctfassets.net/64984aro4ssj/314ASzkbEDXofAHP543Afj/6ccec7c56ffe38426f1387e17ef1b126/cve-2024-28116.png)
Authenticated Server-Side Template Injection with Sandbox Bypass in Grav CMS (CVE-2024-28116)
2024-03-24
![SQL Injection Alert! Dissecting CVE-2024-1698 in NotificationX for WordPress](https://images.ctfassets.net/64984aro4ssj/3TqftQnxWjVd55cbjkAMTH/557106f6bd5d51388a1f3669f0c53bcd/Kamran_CVE-2024-1698.jpg)
SQL Injection Alert! Dissecting CVE-2024-1698 in NotificationX for WordPress
2024-03-10
![Dissecting the CVE-2023-39362 Command Injection Vulnerability in Cacti](https://images.ctfassets.net/64984aro4ssj/1W9zsfWv6qrJw5eKyMedMc/8946a81440055ab33110b1e5bd50e102/kamran_CVE-2023-39362.jpg)
Dissecting the CVE-2023-39362 Command Injection Vulnerability in Cacti
2024-03-10
![CVE-2023-33246: A Critical RCE Vulnerability in Apache RocketMQ](https://images.ctfassets.net/64984aro4ssj/6nzWc36bhIMxiv9UufpPLY/35697e4e5bdad62e35e936e345d393d8/kamran_CVE-2023-33246.jpg)
CVE-2023-33246: A Critical RCE Vulnerability in Apache RocketMQ
2024-03-03
![CVE-2023-43804: A Deep Dive into the urllib3 Cookie Leakage Vulnerability](https://images.ctfassets.net/64984aro4ssj/6rRpAmkSMNPdkto5aYS1I3/892949a7c031fc6c56bdea897cdccff3/cve-2023-43804.png)
CVE-2023-43804: A Deep Dive into the urllib3 Cookie Leakage Vulnerability
2024-02-25
![CVE-2021-3129 Proof of Concept: In-Depth Exploration of the Laravel Ignition RCE Vulnerability](https://images.ctfassets.net/64984aro4ssj/40U2a9hYO1kcEzJBLoWHTH/8450c28e26faddff6c0e80b4b7cc5f13/kamran_CVE-2021-3129.png)
CVE-2021-3129 Proof of Concept: In-Depth Exploration of the Laravel Ignition RCE Vulnerability
2024-02-14
![Cracking Containers: Understanding CVE-2024-21626 in runc](https://images.ctfassets.net/64984aro4ssj/7h4VzBDXGFqY6WvjMiHtua/e5ace0a08aca067542014fcdc6eb2d60/kamran_CVE-2024-21626.png)
Cracking Containers: Understanding CVE-2024-21626 in runc
2024-02-18
![Unraveling Arbitrary Code Execution in Apache Commons Text (CVE-2022-42889) with PoC](https://images.ctfassets.net/64984aro4ssj/6DugZPasXHY7ND5p2qJysZ/abe42d403a8cb5e8774dcacbcff2f45f/cve-2022-42889.png)
Unraveling Arbitrary Code Execution in Apache Commons Text (CVE-2022-42889) with PoC
2024-01-13
![CVE-2023-32315: Understanding the Openfire Admin Console Path Traversal Vulnerability](https://images.ctfassets.net/64984aro4ssj/3UbkUpQrdhtnslYRamQmRe/e43cab5a6d8c63aad7b6e972f85a6860/cve-2023-32315.png)
CVE-2023-32315: Understanding the Openfire Admin Console Path Traversal Vulnerability
2024-02-07
![CVE-2024-23897: A Critical RCE Vulnerability in Jenkins](https://images.ctfassets.net/64984aro4ssj/30LvQlYV8BNj37PznwXpAQ/b8faaa0bff6e536fa1825e5a7cff0912/cve-2024-23897.png)
CVE-2024-23897: A Critical RCE Vulnerability in Jenkins
2024-01-29
![Demystifying CVE-2021-4034: Unpacking the Polkit pkexec RCE Vulnerability](https://images.ctfassets.net/64984aro4ssj/1XCpsrbrVVGMDRfJHjKPhy/bad622f99884538664b0e45b37b9cbc2/CVE-2021-4034.png)
Demystifying CVE-2021-4034: Unpacking the Polkit pkexec RCE Vulnerability
2024-01-21
![Decoding SaltStack Salt's Vulnerability: A Deep Dive into CVE-2020-11651](https://images.ctfassets.net/64984aro4ssj/7548uimbbErbKvmJJTd4uH/81fe4b2ffb394d36ae83ec5f13f4a8e7/CVE-2020-11651.png)
Decoding SaltStack Salt's Vulnerability: A Deep Dive into CVE-2020-11651
2024-01-21
![XSS Threat of CVE-2023-0107 in Memos](https://images.ctfassets.net/64984aro4ssj/6jfUbe8rxHMRtNhqFzd60N/15af23e2b4f1e9b704ea29ce931939ca/cve-2023-0107.png)
XSS Threat of CVE-2023-0107 in Memos
2023-01-13
![Decoding CVE-2022-22965: Spring's RCE Vulnerability](https://images.ctfassets.net/64984aro4ssj/5KCEgWguE7gEOZC0gT3cHA/a7c5b5f500afea7cd16367f5c6fe2cad/cve-2022-22965.png)
Decoding CVE-2022-22965: Spring's RCE Vulnerability
2024-01-08
![CVE-2023-38646: Analyzing the Critical Metabase Security Vulnerability](https://images.ctfassets.net/64984aro4ssj/51QYYSLjxFN4sPSQH43DU2/2c55919f2f6cf2d26f1faf4f72acc2ac/cve-2023-38646.png)
CVE-2023-38646: Analyzing the Critical Metabase Security Vulnerability
2024-01-01
![CVE-2022-45875: A Deep Dive into Improper Input Validation and RCE in Apache DolphinScheduler](https://images.ctfassets.net/64984aro4ssj/7oLKnx9ZQo59XH3YjwVEf2/82f689038c258e9f64806b2963194105/CVE-2022-45875.png)
CVE-2022-45875: A Deep Dive into Improper Input Validation and RCE in Apache DolphinScheduler
2023-12-22
![Delving Deeper into the CVE-2023-27524 Exploit: Authentication Bypass in Apache Superset](https://images.ctfassets.net/64984aro4ssj/7GW3ecdWoPNNq4dVvo6ian/ca294de873399a9bd6a7be61ed795c57/CVE-2023-27524.png)
Delving Deeper into the CVE-2023-27524 Exploit: Authentication Bypass in Apache Superset
2023-12-24
![Follina Zero-Day Exploit (CVE-2022-30190): Technical Deep Dive](https://images.ctfassets.net/64984aro4ssj/7lA2YCrhQzYKO2K2b9mNnn/162cc33d204697d7e80fa84904204a8f/cve-2022-30190.png)
Follina Zero-Day Exploit (CVE-2022-30190): Technical Deep Dive
2023-12-16
![CVE-2023-43770: Diving Deep into a Roundcube XSS Vulnerability with Code Analysis](https://images.ctfassets.net/64984aro4ssj/4NkywRrCrZaeayTE21U6R5/d24aaa565aea00b33a276da002ebb5b7/cve-2023-43770.png)
CVE-2023-43770: Diving Deep into a Roundcube XSS Vulnerability with Code Analysis
2023-12-13
![CVE-2023-49103: A Critical ownCloud Flaw Under Attack](https://images.ctfassets.net/64984aro4ssj/2x8iL7fWP2nmoXTZ5VIkHE/8bb9f083a7d6589f58e0019447f4386c/CVE-2023-49103.png)
CVE-2023-49103: A Critical ownCloud Flaw Under Attack
2023-12-06
![CVE-2023-27372: Remote Code Execution in SPIP](https://images.ctfassets.net/64984aro4ssj/1JQB6WxFMLhpPu44rKFyXA/c822c609d9223ad2e43a375a2a517133/VUtxIf.jpg)
CVE-2023-27372: Remote Code Execution in SPIP
July 30, 2023
![CVE-2023-24626: Privilege Escalation in GNU Screen](https://images.ctfassets.net/64984aro4ssj/3AYWAJQ7AOISwDcfAsc3JZ/3394e9eea5c0f0fed6e927a14e12deb0/XKPMmO.jpg)
CVE-2023-24626: Privilege Escalation in GNU Screen
July 30, 2023
![CVE-2023-33246: Remote Code Execution vulnerability in Apache RocketMQ](https://images.ctfassets.net/64984aro4ssj/2ssK9gaCRXy8QFbjo8SLDL/485fccef4ec8271abe41b6d48ac9ad01/33246_banner.jpg)
CVE-2023-33246: Remote Code Execution vulnerability in Apache RocketMQ
July 23, 2023
![CVE-2023-2825: A Path Traversal Vulnerability in GitLab](https://images.ctfassets.net/64984aro4ssj/1Zm8hML1e2qF1Nkf5GhkT1/689efb66c61f39c9fac10d68af3dc620/2825.jpg)
CVE-2023-2825: A Path Traversal Vulnerability in GitLab
July 13, 2023
![CVE-2023-36053: A Denial of Service Vulnerability in Django](https://images.ctfassets.net/64984aro4ssj/FSdxB15tlcddDCNmLQLif/0ce6dafa2e2cafac91ad91cce22fd7f0/36053.jpg)
CVE-2023-36053: A Denial of Service Vulnerability in Django
July 13, 2023
![CVE-2023-22809 sudoedit Privilege Escalation Vulnerability: Comprehensive Analysis](https://images.ctfassets.net/64984aro4ssj/fPWzPpP1QKuThw9AOmS6D/217669a32bb5a31ce45ca245841434ca/22809.jpg)
CVE-2023-22809 sudoedit Privilege Escalation Vulnerability: Comprehensive Analysis
July 10, 2023
![CVE-2023-32784: Master Password Disclosure in KeePass](https://images.ctfassets.net/64984aro4ssj/4g9QZX9s2r8jNcjpDno7j/0e9f97fc92bb9b3f768bcef6a6e08c55/32784.jpg)
CVE-2023-32784: Master Password Disclosure in KeePass
July 10, 2023
![CVE-2023-0179: A Buffer Overflow Vulnerability in the Linux Kernel](https://images.ctfassets.net/64984aro4ssj/7oGvVdsXA66jBiJCzZW10N/1e36b9c143a8f59860c53844cd717684/cve.jpg)
CVE-2023-0179: A Buffer Overflow Vulnerability in the Linux Kernel
June 27, 2023
![IDOR Vulnerability in Microsoft Teams Poses Serious Security Risk](https://images.ctfassets.net/64984aro4ssj/7bnleKdoMeI8BGeurZmNVV/6af103f2ece416ed2bc7a260b8de149c/ms-teams-red-hns.jpg)
IDOR Vulnerability in Microsoft Teams Poses Serious Security Risk
June 26, 2023
Third MOVEit Transfer Vulnerability Discovered, Cl0p Ransomware Gang Exploiting
June 19, 2023
![Unlocking the Secrets of CVE-2017-14798: PostgreSQL Privilege Escalation Unleashed](https://images.ctfassets.net/64984aro4ssj/2dQZKNr44PicLRWG2NbfOw/85c60c1262d2744d8e60ee7e2e7a741e/cve_post.jpg)
Unlocking the Secrets of CVE-2017-14798: PostgreSQL Privilege Escalation Unleashed
June 16, 2023