CVE-2024-54002 - Exploiting a Timing Attack in Dependency-Track’s Login Endpoint
Dependency-Track is a popular open-source tool that helps companies detect risks in their software supply chain by tracking dependencies and vulnerabilities. In June 2024, a
CVE-2024-54132 - Path Traversal Vulnerability in GitHub CLI’s “gh run download” Command
GitHub CLI, the official command line tool for GitHub, empowers developers to manage repositories, workflows, and more directly from the terminal. However, with great power
CVE-2024-54134 - Solana’s @solana/web3.js NPM Package Compromise and What Developers Must Know
In late 2024, the Solana developer community faced a serious supply-chain security threat: the JavaScript library @solana/web3.js, used by thousands of Solana-based decentralized
CVE-2024-53140 - Netlink Socket Dump Termination Vulnerability in Linux Kernel – Root Cause & Exploit Details
In June 2024, the Linux kernel team resolved a significant vulnerability tracked as CVE-2024-53140, which impacts the netlink subsystem’s dump process. This post will
CVE-2024-53139 - Linux Kernel SCTP Use-After-Free Flaw (sctp_v6_available) Explained
A critical bug (CVE-2024-53139) was discovered and fixed in the Linux kernel related to the implementation of SCTP (Stream Control Transmission Protocol). This flaw could