CVE-2023-36479 - How Jetty's CGI Servlet Bug Lets Hackers Run Rogue Commands
Published: April 2024
What is CVE-2023-36479?
CVE-2023-36479 is a serious security flaw discovered in Eclipse Jetty, a widely used open-source Java web server and servlet
CVE-2023-1108 - Denial-of-Service in Undertow via SSL Handshake Infinite Loop
A newly discovered vulnerability, CVE-2023-1108, affects the Undertow web server. This server is widely used behind application servers like WildFly and JBoss. This flaw can
CVE-2023-42503 - Exploiting Improper Input Validation in Apache Commons Compress (TAR Parsing) for Denial of Service
In late 2023, security researchers identified a Denial of Service (DoS) vulnerability in Apache Commons Compress library, affecting versions between 1.22 through 1.23.
CVE-2023-4785 - Exploiting Error Handling Flaws in Google's gRPC TCP Server for Large-Scale Denial of Service (DoS) Attacks
In 2023, a vulnerability identified as CVE-2023-4785 was disclosed in Google’s gRPC library. If you’re using gRPC C++, Python, or Ruby on a
CVE-2023-35674 - How a Logic Bug in Android’s WindowState.java Can Let Apps Bypass Foreground Restrictions
Android’s sandboxing and activity management is one of the pillars that keeps your phone secure — stopping malware from running in the background or behind
Episode
00:00:00
00:00:00