Posts by Ryan Emmons

CVE-2024-45195: Apache OFBiz Unauthenticated Remote Code Execution (Fixed)

Apache OFBiz below 18.12.16 is vulnerable to unauthenticated remote code execution (CVE-2024-45195) on Linux and Windows. Exploitation is facilitated by bypassing previous patches.

6 min Vulnerability Disclosure

CVE-2024-6922: Automation Anywhere Automation 360 Server-Side Request Forgery

Automation 360 Robotic Process Automation suite v21-v32 is vulnerable to unauthenticated Server-Side Request Forgery (SSRF).

4 min Emergent Threat Response

Authentication Bypasses in MOVEit Transfer and MOVEit Gateway

On June 25, 2024, Progress Software published information on two new vulnerabilities in MOVEit Transfer and MOVEit Gateway: CVE-2024-5806 and CVE-2024-5805.

Posts by Ryan Emmons

CVE-2024-45195: Apache OFBiz Unauthenticated Remote Code Execution (Fixed)

CVE-2024-6922: Automation Anywhere Automation 360 Server-Side Request Forgery

Authentication Bypasses in MOVEit Transfer and MOVEit Gateway

Popular Topics

Tags

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.