CVE-2023-39593 - Insecure Permissions in MariaDB sys_exec Function Explained
CVE-2023-39593 is a security issue that caused a buzz in the MariaDB user community. This potential vulnerability is about how the sys_exec function in
CVE-2024-27766 - MariaDB v11.1 Remote Code Execution via `lib_mysqludf_sys.so` — Understanding the Risks, Disputes, and Exploit Demonstration
In early 2024, a vulnerability was reported as CVE-2024-27766, affecting MariaDB version 11.1. According to the initial report, a remote attacker could potentially execute
CVE-2024-6333 - Authenticated Remote Code Execution in Xerox AltaLink, VersaLink, & WorkCentre Printers
In June 2024, a security vulnerability labeled CVE-2024-6333 came to light, affecting a broad range of Xerox multifunction printers including AltaLink, VersaLink, and WorkCentre models.
CVE-2024-9143 - Understanding the Risks in OpenSSL's GF(2^m) Curve APIs
A vulnerability (CVE-2024-9143) in OpenSSL’s binary elliptic curve cryptography APIs can allow attackers to trigger out-of-bounds memory access by supplying custom, “exotic” curve parameters.
CVE-2024-22029 - Exploiting Insecure Tomcat Package Permissions for Local Root Escalation
Tomcat is one of the world's most widely used application servers, especially in enterprise environments. In January 2024, a severe vulnerability was discovered
Episode
00:00:00
00:00:00