CVE-2023-28362 - Rails `redirect_to` Can Break RFC-Compliant Location Headers — What You Need to Know
If you’re building web apps in Ruby on Rails, you’re probably familiar with the redirect_to helper. But did you know that up
CVE-2023-27539 - Denial of Service in Rack Header Parsing – Explained and Exploited
Rack is a core library for handling HTTP requests in Ruby web frameworks like Rails, Sinatra, and others. In March 2023, security researchers discovered CVE-2023-27539,
CVE-2023-38037 - Danger in ActiveSupport::EncryptedFile – How Your Secret Files Could Leak to Other Users
ActiveSupport, part of the popular Rails framework, helps developers keep sensitive data safe by handling encrypted files. But in 2023, a serious security issue was
CVE-2025-0283 - Ivanti Connect Secure Stack-Based Buffer Overflow Leads to Local Privilege Escalation
This vulnerability is a stack-based buffer overflow, which means an attacker can write more data than expected into a program's memory—potentially overwriting
CVE-2025-0282 - Exploiting a Critical Stack-Based Buffer Overflow in Ivanti VPNs for Remote Code Execution
June 2024 brought forward one of the most significant vulnerabilities so far this year: CVE-2025-0282. Found in multiple Ivanti VPN products, including Connect Secure, Policy