CVE-2023-0925 - Unauthenticated Remote Code Execution in webMethods OneData via Exposed Java RMI
In early 2023, a critical vulnerability—CVE-2023-0925—was discovered in webMethods OneData (version 10.11), a popular data management platform by Software AG. The vulnerability
CVE-2023-41935 - Exploiting Timing Attacks in Jenkins Azure AD Plugin (396.v86ce29279947 and Earlier)
Jenkins is a widely used automation server for building, testing, and deploying software projects. With countless plugins for integration, security is always a top concern.
CVE-2023-41931 - Exploiting Jenkins Job Configuration History Plugin XSS Vulnerability (Detailed Walkthrough)
Jenkins is one of the most widely used open-source automation servers for continuous integration and continuous delivery (CI/CD). Plugins expand Jenkins features but sometimes
CVE-2023-40743 - Dangerous Service Lookups in Apache Axis 1.x Can Lead to RCE, SSRF, and DOS
In August 2023, a high-impact vulnerability was disclosed affecting applications based on Apache Axis 1.x, a Java-based SOAP engine. Identified as CVE-2023-40743, this flaw
CVE-2023-40826 - Exploiting the pf4j `zipPluginPath` Vulnerability for Remote Code Execution
*CVE-2023-40826* shines a spotlight on a dangerous security weakness found in the pf4j plugin system, specifically versions up to 3.9.. With this vulnerability, attackers