CVE-2024-4956 - Path Traversal in Sonatype Nexus Repository 3 Exposes Sensitive System Files (Exploit Included)
A new and dangerous vulnerability (CVE-2024-4956) has been discovered in Sonatype Nexus Repository 3, a tool used by thousands of organizations to manage software components.
CVE-2024-32888 - Exploiting SQL Injection in Amazon Redshift JDBC Driver (`preferQueryMode=simple`)
In June 2024, a new security vulnerability was disclosed in the Amazon Redshift JDBC Driver, tracked as CVE-2024-32888. This vulnerability allows SQL injection attacks when
CVE-2024-30059 - Understanding and Exploiting Microsoft Intune for Android MAM Tampering
Microsoft Intune is a leading endpoint management tool, often relied upon by enterprises to secure devices and apps, especially in BYOD (bring your own device)
CVE-2024-30172 - Bouncy Castle Ed25519 Infinite Loop Exploit Explained (with Code Examples)
*Published June 2024*
Bouncy Castle is a popular set of cryptography libraries in Java and other languages. But even the most trusted security tools sometimes
CVE-2024-30171 - Timing Attack Risk in Bouncy Castle’s Java TLS API and JSSE Provider – Explained, Exploited, and Patched
Bouncy Castle is one of the most trusted libraries for cryptographic operations in Java. Used by developers and organizations worldwide, its TLS API and JSSE