CVE-2024-35384 - Exploiting a Denial of Service in Cesanta mjs 2.20. via mjs_array_length Function
Cesanta’s mjs is a lightweight JavaScript engine designed for constrained devices, often powering microcontroller scripts and tiny IoT products. On May 2024, a new
CVE-2024-31714 - Buffer Overflow in Waxlab Wax .9-3 and Earlier Lets Attackers Crash Apps with Lua
Security vulnerabilities in open source software aren’t just for the big names — sometimes a smaller project like Waxlab's "wax" can
CVE-2024-24293 - Prototype Pollution and Remote Code Execution in `@bit/loader` v10..3 Explained
CVE-2024-24293 is a serious vulnerability discovered in the @bit/loader npm package (maintained by MiguelCastillo), specifically up to and including version 10..3. This post
CVE-2024-4323 - Decoding the Fluent Bit Memory Corruption Vulnerability and Exploit Walkthrough
In June 2024, a new vulnerability rocked the cloud logging world: CVE-2024-4323. This is a memory corruption bug in Fluent Bit, an open-source log processor
CVE-2024-2771 - Critical Privilege Escalation in Fluent Forms Plugin Makes WordPress Sites Vulnerable
Fluent Forms is one of the most popular contact form plugins for WordPress, powering thousands of sites with easy drag-and-drop form building, surveys, and quizzes.
Episode
00:00:00
00:00:00