CVE-2024-43769 - How a Logic Error in Android Can Make CloudDPC Unremovable and Lead to Privilege Escalation
A new Android security vulnerability, CVE-2024-43769, has made headlines for its simplicity and potential for misuse. Found in the isPackageDeviceAdmin function within the PackageManagerService.java
CVE-2024-43767 - Heap Overflow in Skia's SkBlurMaskFilterImpl.cpp and Its Exploit – A Deep Dive
In June 2024, a critical vulnerability was uncovered in Skia, the popular 2D graphics library used by Google Chrome, Android, and many other products. This
CVE-2024-43762 - Local Privilege Escalation Due to Service Unbinding Logic Error
Date: June 2024
Severity: High
Impact: Local Privilege Escalation (LPE)
Component: System Bound Services (affected platforms not specified for exclusivity)
A new vulnerability, CVE-2024-43762, has
CVE-2024-12907 - Reflected XSS Exploit in Kentico CMS 7's Access Denied Page
A critical security vulnerability, CVE-2024-12907, has been found in Kentico CMS version 7. This issue lets attackers perform a reflected Cross-Site Scripting (XSS) attack by
CVE-2023-47778 - How LuckyWP Scripts Control's Missing Authorization Lets Attackers Run Arbitrary Scripts on Your WordPress Site
A new vulnerability, identified as CVE-2023-47778, has been discovered in the WordPress plugin LuckyWP Scripts Control, affecting versions up to 1.2.1. This weakness
Episode
00:00:00
00:00:00