CVE-2023-38546 - Exploiting Cookie Injection in libcurl via Easy Handle Duplication
Published: June 2024
Severity: Medium-High
Component: libcurl (7.9.1 to 8.3.)
Original Advisory: curl.se/security/advisory
Reference Doc: curl_easy_duphandle() API
CVE-2023-45810 - How OpenFGA’s ListObjects Bug Can Break Your Authorization Service
OpenFGA is quickly becoming a popular choice among developers for flexible permissions and authorization logic, inspired by the famous Google Zanzibar paper. But like any
CVE-2023-22067 - Vulnerability in Oracle Java SE and GraalVM CORBA Component Allows Unauthorized Data Modification
On July 18, 2023, Oracle published a security advisory about a vulnerability—CVE-2023-22067—affecting Oracle Java SE and Oracle GraalVM Enterprise Edition. The bug resides
CVE-2023-22025 - Exploiting Integrity Flaws in Oracle Java SE & GraalVM Hotspot
CVE-2023-22025 is a security vulnerability that affects multiple Oracle Java and GraalVM distributions. Though officially rated as “difficult to exploit,” this flaw opens the door
CVE-2023-45807 - Exploiting OpenSearch Dashboards Tenant Permissions – How Read-Only Users Got Write Powers
OpenSearch is a popular, open-source fork of Elasticsearch and Kibana. It emerged after Elastic’s licensing change in early 2021, with the goal of keeping