CVE-2023-35078 - Critical Authentication Bypass in Ivanti Endpoint Manager Mobile — Exploit Details and How to Fix
In July 2023, a critical vulnerability was discovered in Ivanti Endpoint Manager Mobile (EPMM), which was known as MobileIron Core. This security hole, tracked as
CVE-2023-3745 - Heap-Based Buffer Overflow in ImageMagick’s PushCharPixel() Exposes Systems to DoS Attacks
ImageMagick has long been a popular tool for processing and editing images, but no software is immune to bugs and security risks. One of the
CVE-2023-37918 - Dapr’s API Token Authentication Bypass — What Happened and How to Stay Safe
Dapr (Distributed Application Runtime) is a lightweight, event-driven runtime designed to help developers build resilient, microservice-based applications that can run on the cloud or edge.
CVE-2023-37916 - How a Simple API Leak in KubePi Exposed All User Password Hashes
KubePi is a popular open source web panel for managing Kubernetes clusters—it makes life a lot easier for devops teams and cloud admins. But
CVE-2023-3102 - Sensitive Information Leak in GitLab EE Lets Attackers Read Private Issue and MR Titles
GitLab is one of the world’s most popular platforms for software development and DevOps, used by thousands of companies for collaboration and code management.