CVE-2023-27539 - Denial of Service in Rack Header Parsing – Explained and Exploited
Rack is a core library for handling HTTP requests in Ruby web frameworks like Rails, Sinatra, and others. In March 2023, security researchers discovered CVE-2023-27539,
CVE-2023-38037 - Danger in ActiveSupport::EncryptedFile – How Your Secret Files Could Leak to Other Users
ActiveSupport, part of the popular Rails framework, helps developers keep sensitive data safe by handling encrypted files. But in 2023, a serious security issue was
CVE-2023-28120 - Understanding and Exploiting the ActiveSupport `bytesplice` SafeBuffer Vulnerability
---
Introduction
In March 2023, a security vulnerability in Ruby on Rails' ActiveSupport component caught the attention of developers everywhere. Tagged as CVE-2023-28120, this
CVE-2025-0283 - Ivanti Connect Secure Stack-Based Buffer Overflow Leads to Local Privilege Escalation
This vulnerability is a stack-based buffer overflow, which means an attacker can write more data than expected into a program's memory—potentially overwriting
CVE-2025-0282 - Exploiting a Critical Stack-Based Buffer Overflow in Ivanti VPNs for Remote Code Execution
June 2024 brought forward one of the most significant vulnerabilities so far this year: CVE-2025-0282. Found in multiple Ivanti VPN products, including Connect Secure, Policy