CVE-2024-31844 - Information Disclosure in Italtel Embrace 1.6.4 through Unhandled Server Errors
In April 2024, the security community identified a new vulnerability tracked as CVE-2024-31844 that affects Italtel Embrace version 1.6.4. This vulnerability occurs because
CVE-2024-36039 - PyMySQL ≤1.1. SQL Injection via Untrusted JSON Keys
PyMySQL, a popular pure-Python MySQL client, is widely used in web apps and scripts. In mid-2024, a fresh vulnerability—CVE-2024-36039—drew attention for enabling SQL
CVE-2024-27130 - Understanding the QNAP OS Buffer Copy Vulnerability and How It’s Exploited
In early June 2024, a new security vulnerability labeled CVE-2024-27130 was disclosed for QNAP’s widely used network storage systems. This flaw, found in multiple
CVE-2024-35384 - Exploiting a Denial of Service in Cesanta mjs 2.20. via mjs_array_length Function
Cesanta’s mjs is a lightweight JavaScript engine designed for constrained devices, often powering microcontroller scripts and tiny IoT products. In May 2024, a new
CVE-2024-31714 - Buffer Overflow in Waxlab Wax .9-3 and Earlier Lets Attackers Crash Apps with Lua
Security vulnerabilities in open source software aren’t just for the big names — sometimes a smaller project like Waxlab's "wax" can