CVE-2023-38185 - Unpacking the Microsoft Exchange Server Remote Code Execution Vulnerability
---
If you manage a Microsoft Exchange Server, you know they're vital to business communications—but they're also highly targeted by
CVE-2023-37486 - How SAP Commerce OCC API Leaked Sensitive Info — Deep Dive, Proof of Concept, and Mitigation
SAP Commerce is a leading solution for handling digital commerce, powering online shops, catalogs, checkouts, and customer accounts for many big companies all over the
CVE-2023-37470 - Remote Code Execution in Metabase via H2 Connection String Injection
Metabase is a widely used open-source business intelligence (BI) and analytics platform, popular for helping users visualize and analyze their data with ease. In mid-2023,
CVE-2023-36480 - Remote Code Execution in Aerospike Java Client – Exploit Analysis & Mitigation
On June 22, 2023, a critical vulnerability was announced affecting the Aerospike Java Client—a widely used library that allows Java applications to connect to
CVE-2023-33371 - How Hardcoded JWT Key in Control ID IDSecure 4.7.26. Lets Attackers Bypass Authentication
CVE-2023-33371 is a newly disclosed and critical vulnerability found in Control ID IDSecure versions 4.7.26. and earlier. The core issue? The software uses
Episode
00:00:00
00:00:00