CVE-2022-2084 - How Cloud-Init Logs Could Leak Sensitive Data (Including Hashed Passwords) Before v22.3
Cloud-init is a backbone tool for many cloud deployments, automatically handling initial system configuration when a machine boots for the first time. But before version
CVE-2023-21912 - How a Privilege Flaw in MySQL Lets Anyone Crash Your Database
In January 2023, Oracle published a security advisory for a critical vulnerability in MySQL Server: CVE-2023-21912. This is no minor bug — it allows attackers _without_
CVE-2023-28142 - Privilege Escalation via Race Condition in Qualys Cloud Agent for Windows (Detailed Analysis & Exploit)
On March 22, 2023, Qualys published a critical advisory detailing a privilege escalation vulnerability—CVE-2023-28142—affecting their popular Cloud Agent for Windows. This bug—a
CVE-2018-17450 - GitLab Kubernetes Integration SSRF Vulnerability Exploited – How It Works & What You Need to Know
In this long-read, we’ll dive deep into CVE-2018-17450—an interesting and dangerous Server-Side Request Forgery (SSRF) vulnerability that affected GitLab Community and Enterprise Edition
CVE-2023-0241 - Exploiting Directory Traversal in pgAdmin 4 — How Attackers Can Change User Settings or Alter Databases
pgAdmin 4 is among the most popular open-source administration and management tools for PostgreSQL databases worldwide. But, like any powerful tool, it sometimes carries security