CVE-2023-32193 - Unauthenticated Cross-Site Scripting (XSS) in Norman’s Public API—Explained with Exploit Example
In early 2023, security researchers uncovered CVE-2023-32193, a serious vulnerability in Norman’s public API. This bug allows unauthenticated attackers to inject malicious JavaScript on
CVE-2023-32194 - How Kubernetes Role Assignment Can Leak Dangerous Namespace Permissions
Security in Kubernetes clusters can get pretty complex. While roles and permissions protect your workloads, sometimes there are vulnerabilities in how these permissions get handed
CVE-2023-32188 - How NeuVector’s JWT Vulnerability Can Lead to RCE—A Deep Dive
CVE-2023-32188 is a critical vulnerability that surfaced in NeuVector, a popular container security platform. This bug revolves around how NeuVector handled JWT (JSON Web Token)
CVE-2023-22649 - Sensitive Data Exposure in Rancher Audit Logs Explained
Date identified: January 2023
CVSS Score: 5.3 (Medium)
Impacted Product: Rancher (all versions prior to 2.7.)
Reference: Rancher Security Advisory
Audit logs are
CVE-2024-9958 - UI Spoofing in Google Chrome Picture-in-Picture — Full Analysis & Exploit Explained
Published June 2024
Exploit Difficulty: Medium · Severity: Medium
Scope: Chrome < 130..6723.58 · Reported by Google Project Zero
Introduction
In June 2024, Google published