CVE-2023-44760 - Multiple XSS Vulnerabilities in Concrete CMS v9.2.1 - What You Need to Know
In late 2023, security researcher sromanhu reported a set of Cross Site Scripting (XSS) vulnerabilities in Concrete CMS v9.2.1 under CVE-2023-44760. This report
CVE-2022-4943 - How a Serious Flaw in miniOrange’s Google Authenticator Plugin Let Attackers Bypass Authorization
If you are running a WordPress website, chances are you care about security. Maybe you even opted for a two-factor authentication plugin like miniOrange’s
CVE-2023-45810 - How OpenFGA’s ListObjects Bug Can Break Your Authorization Service
OpenFGA is quickly becoming a popular choice among developers for flexible permissions and authorization logic, inspired by the famous Google Zanzibar paper. But like any
CVE-2023-4457 - How a Google Sheets Plugin Bug in Grafana Exposed API Keys
Grafana is one of the most popular open-source platforms for monitoring your infrastructure, systems, and applications. With its vibrant ecosystem, users often connect extra data
CVE-2023-42752 - How a Linux Integer Overflow Leads to Userland Kernel Code Execution (with Exploit Details)
An integer overflow in the Linux kernel might sound like just another bug, but CVE-2023-42752 packs a real punch. This flaw can let an attacker run