CVE-2024-29510 - Breaking Down the Ghostscript Memory Corruption and SAFER Sandbox Bypass (with Code Example)
---
Introduction
CVE-2024-29510 is a fresh and critical vulnerability shaking up the world of open-source printing and PDF handling. If you’re using Artifex Ghostscript
CVE-2024-37082 - How Custom HAProxy Config Can Let Attackers Bypass mTLS in Cloud Foundry – Analysis, PoC, and Fix
In 2024, a tricky vulnerability (now logged as CVE-2024-37082) was discovered in deployments of Cloud Foundry using the haproxy-boshrelease. This security issue isn’t just
CVE-2024-24791 - Exploiting Go net/http "Expect: 100-continue" Client Handling for DoS
Go’s net/http package is a cornerstone for many web applications and services, powering everything from simple HTTP servers to robust reverse proxies. But
CVE-2024-39891 - Exposed Authy Phone Number Lookup — How Twilio’s API Leaked User Data
In June 2024, security researchers spotted a worrying flaw in the Twilio Authy API—used by millions for secure two-factor authentication. This vulnerability, logged as
CVE-2024-34122 - Out-of-Bounds Read Vulnerability in Acrobat for Edge Exposes Users to Remote Code Execution
Summary:
Recently, a serious vulnerability, CVE-2024-34122, was discovered in Adobe Acrobat’s Edge browser extension (versions 126..2592.68 and earlier). This out-of-bounds read bug