CVE-2023-29505 - WebSocket Hijacking in Zoho ManageEngine Network Configuration Manager 12.6.165
In April 2023, a serious security vulnerability—CVE-2023-29505—was discovered in Zoho ManageEngine Network Configuration Manager (NCM) version 12.6.165. This flaw allows cross-site
CVE-2023-34038 - Deep Dive into VMware Horizon Server’s Information Disclosure Exploit
If you manage or use virtual desktops, you probably know about VMware Horizon Server. It’s a popular tool for delivering virtual desktops and applications.
CVE-2023-4002 - Deep Dive Into The GitLab EE Security Policy Linking Vulnerability
In August 2023, a new vulnerability—CVE-2023-4002—was disclosed in GitLab Enterprise Edition (EE), a popular self-hosted Git repository management tool. This flaw exposed organizations
CVE-2023-38950 - Exploiting a Path Traversal Vulnerability in ZKTeco BioTime v8.5.5
*Last updated: June 2024*
Introduction
Security flaws in widely used biometric and attendance systems can have huge consequences—especially when trusted by thousands of companies worldwide.
CVE-2023-38949 - Hidden API in ZKTeco BioTime v8.5.5 Lets Attackers Reset Admin Password (Explained)
In August 2023, security researchers discovered a severe vulnerability in the ZKTeco BioTime v8.5.5 time and attendance management system. This issue, now tracked