CVE-2023-28142 - Privilege Escalation via Race Condition in Qualys Cloud Agent for Windows (Detailed Analysis & Exploit)
On March 22, 2023, Qualys published a critical advisory detailing a privilege escalation vulnerability—CVE-2023-28142—affecting their popular Cloud Agent for Windows. This bug—a
CVE-2018-17450 - GitLab Kubernetes Integration SSRF Vulnerability Exploited – How It Works & What You Need to Know
In this long-read, we’ll dive deep into CVE-2018-17450—an interesting and dangerous Server-Side Request Forgery (SSRF) vulnerability that affected GitLab Community and Enterprise Edition
CVE-2023-0241 - Exploiting Directory Traversal in pgAdmin 4 — How Attackers Can Change User Settings or Alter Databases
pgAdmin 4 is among the most popular open-source administration and management tools for PostgreSQL databases worldwide. But, like any powerful tool, it sometimes carries security
CVE-2023-26358 - Untrusted Search Path Vulnerability in Adobe Creative Cloud 5.9.1 (and earlier)
Adobe’s Creative Cloud software is widely used by designers, artists, and businesses around the world. But with its popularity comes risks, especially when security
CVE-2023-23395 - Inside the Microsoft SharePoint Server Spoofing Vulnerability
In early 2023, cybersecurity researchers uncovered a significant vulnerability in Microsoft SharePoint Server, cataloged as CVE-2023-23395. This "spoofing" vulnerability has the potential to
Episode
00:00:00
00:00:00