CVE-2023-20105 - How an Authenticated Read-Only User Can Become Admin on Cisco Expressway and VCS
Published: June 2023
TL;DR
CVE-2023-20105 affects Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS). This security issue lets anyone with a simple
CVE-2023-3422 - Exploiting Use-After-Free in Chrome’s Guest View for Serious Attacks
When it comes to browser security, Google Chrome is known for its strong protections. But even the best software can have cracks. In this post,
CVE-2023-36632 - Understanding the Controversy Around Python’s `email.utils.parseaddr` “RecursionError”
In June 2023, a security issue was filed under the label CVE-2023-36632 affecting Python’s email.utils.parseaddr function (up to version 3.11.4)
CVE-2023-35165 - Deep Dive Into Overly Permissive IAM Trust Policies in AWS CDK EKS Cluster Constructs
AWS CDK (Cloud Development Kit) is a powerful open source framework for defining cloud infrastructure using popular programming languages. It helps developers automate the setup
CVE-2023-35759 - How Unsanitized SNMP Input in WhatsUp Gold Led to a Browserside RCE (XSS Exploit Walkthrough)
---
Introduction
In cybersecurity, simple mistakes often lead to critical vulnerabilities. One such case is CVE-2023-35759 — a Cross-Site Scripting (XSS) flaw in popular network monitoring