CVE-2024-36465 - How Regular Zabbix Users Can Exploit SQL Injection via groupBy Parameter
In June 2024, a severe security vulnerability—CVE-2024-36465—was publicly disclosed for Zabbix, a popular open-source monitoring tool used to track the status of servers
CVE-2025-3067 - Exploiting Chrome Custom Tabs on Android for Privilege Escalation (Full Breakdown & Demo Code)
---
CVE-2025-3067 is a medium-severity vulnerability reported in March 2025, specifically impacting how Google Chrome on Android handled "Custom Tabs" before version 135.
CVE-2025-21934 - API Misuse in Linux Kernel rapidio Subsystem – Details and Exploit Walkthrough
On March 2024, a vulnerability was disclosed in the Linux kernel’s RapidIO subsystem, tracked as CVE-2025-21934. This post will break down what went wrong,
CVE-2025-3028 - Exploiting a Use-After-Free in Firefox’s XSLTProcessor – How Dangerous JavaScript Code Can Run
In early 2025, a serious vulnerability was discovered and patched in Mozilla Firefox and Thunderbird – specifically affecting how JavaScript can run when transforming documents with
CVE-2025-30798 - Reflected Cross-site Scripting in rickonline_nl Better WishList API up to 1.1.4 – Exploit and Analysis
---
Introduction
A new vulnerability—CVE-2025-30798—has been found in the Better WishList API developed by rickonline_nl. The issue is an Improper Neutralization of
Episode
00:00:00
00:00:00