CVE-2023-20052 - How a Flaw in ClamAV’s DMG Parser Led to Information Disclosure
On February 15, 2023, a serious security vulnerability was published in ClamAV, the popular open-source antivirus engine. Unauthenticated attackers could exploit it remotely, leaking sensitive
CVE-2023-1017 - Exploiting Out-Of-Bounds Write in TPM2. for Denial of Service and Code Execution
Trusted Platform Module (TPM) is a critical security chip you’ll find in countless devices, from laptops to enterprise servers. TPM2. is the latest mainstream
CVE-2023-20011 - Breaking Down the Cisco APIC CSRF Vulnerability (With Exploit Guide)
In early 2023, security researchers discovered a critical web interface vulnerability in Cisco’s flagship application controllers, the Cisco Application Policy Infrastructure Controller (APIC) and
CVE-2023-22795 - Regular Expression DoS in Action Dispatch’s If-None-Match Header
Published: June 2023
Severity: High
Impact: Denial-of-Service (DoS) via Catastrophic Backtracking
Affected: Rails’ ActionDispatch <6.1.7.1 and <7..4.1 on
CVE-2022-31733 - How Apps on Cloud Foundry Leaked Secure Access Over Unproxied Ports
CVE-2022-31733 is a serious security vulnerability that impacted many users running Cloud Foundry environments between 2021 and mid-2023. In this post, we'll break