CVE-2023-4911 - Breaking Down the Glibc Tunables Buffer Overflow and Privilege Escalation
In October 2023, the security community became aware of a significant vulnerability in the GNU C Library’s dynamic loader (ld.so). This buffer overflow,
CVE-2023-5077 - How HashiCorp Vault Leaked Google Cloud IAM Conditions (and How It Was Fixed)
In late 2023, a security flaw — CVE-2023-5077 — was found in HashiCorp Vault, a popular secret management tool. This bug was pretty serious for any team
CVE-2023-42812 - Server Side Request Forgery (SSRF) Vulnerability in Galaxy Before Version 22.05 – Full Breakdown and Exploit Example
Galaxy is a popular open-source platform widely used for FAIR (Findable, Accessible, Interoperable, and Reusable) data analysis in scientific research. It enables researchers to easily
CVE-2023-2163 - Breaking the Kernel with BPF – How Incorrect Verifier Pruning in Linux >=5.4 Enables Arbitrary Kernel Memory Access, Privilege Escalation, and Container Escape
---
The Linux kernel is the heart of many servers, desktops, embedded devices, and – increasingly – the cloud. For years, the extended Berkeley Packet Filter (eBPF
CVE-2023-4155 - Dangerous Race Condition in KVM AMD SEV-ES/SNP Exposes Linux Guests and Hosts
A dangerous vulnerability, tracked as CVE-2023-4155, was found in the Linux kernel KVM module, affecting systems using AMD’s Secure Encrypted Virtualization features (SEV-ES and
Episode
00:00:00
00:00:00