CVE-2023-38703 - The PJSIP SRTP Use-After-Free Vulnerability Explained
If you're building or maintaining VoIP or multimedia communication apps using PJSIP, you need to know about CVE-2023-38703. This long-read post will take
CVE-2023-42445 - Breaking Down Gradle’s OOB-XXE XML Vulnerability
Published: June 26, 2023
CVSS: 7.3 (High)
Reference: Original Advisory
Gradle is a popular open-source build automation tool, commonly used for building, testing, and
CVE-2023-4586 - Exposing Hot Rod Client to MITM Attacks Due to Disabled Hostname Validation
In June 2023, security experts discovered a vulnerability identified as CVE-2023-4586 affecting the Hot Rod client—a Java-based protocol used by Infinispan and other distributed
CVE-2023-39410 - Apache Avro Deserialization Bug Can Crash Java Applications – A Deep Dive
In today's world, data interchange formats like Avro are everywhere – powering everything from big data pipelines to messaging systems. But what happens when
CVE-2023-43856 - Arbitrary File Read Vulnerability in Dreamer CMS v4.1.3 Explained
In September 2023, an arbitrary file read vulnerability — now tracked as CVE-2023-43856 — was found in Dreamer CMS v4.1.3. This bug could let an