CVE-2024-8568 - Critical SQL Injection in Mini-Tmall (Up to 20240901) – Full Exploit and Analysis
A critical security vulnerability, tracked as CVE-2024-8568, has been discovered in the popular e-commerce software Mini-Tmall. All versions up to 20240901 are affected. This long
CVE-2024-42019 - Extracting NTLM Hashes from Veeam Reporter Service – How Attackers Can Steal Credentials With User Interaction
On June 12, 2024, Veeam released an advisory for a serious vulnerability—CVE-2024-42019—that affects their Reporter Service, a component often installed with Veeam Backup
CVE-2024-40711 - Deserialization of Untrusted Data Leads to Remote Code Execution (RCE)
In June 2024, a serious vulnerability surfaced under the identifier CVE-2024-40711. This security threat involves improper handling of untrusted serialized data, opening doors for unauthenticated
CVE-2024-36137 - Node.js File Descriptor Exploit in Permission Model with --allow-fs-write
A newly discovered vulnerability, CVE-2024-36137, affects the Node.js runtime when using the *experimental permission model*. This flaw allows attackers to bypass the intended security restrictions
CVE-2023-39333 - Injecting JavaScript with WebAssembly Export Names in Node.js
WebAssembly (WASM) is a powerful tool for running high-performance code in browsers and other environments. But what happens when the very WASM modules you bring