CVE-2023-21967 - Oracle Java SE JSSE DoS Vulnerability Explained with Demo
In early 2023, a new security issue called CVE-2023-21967 was discovered in the JSSE (Java Secure Socket Extension) component of Oracle Java SE and Oracle
CVE-2023-21971 - Exploiting Oracle MySQL Connector/J Denial of Service and Data Manipulation
Oracle MySQL is a critical backend for millions of applications around the world. It connects to various programming languages using special "connectors." However,
CVE-2021-33990 - **DISPUTED** File Upload Flaw in Liferay Portal 6.2.5 – Facts, Fears, and the Real Story
There's been a unique debate in the security world about CVE-2021-33990. If you use Liferay Portal 6.2.5, you might have seen
CVE-2023-2101 - Absolute Path Traversal in Mogu Blog v2 (<= 5.2) – Full Exploit Analysis
In April 2023, a path traversal vulnerability was made public for Mogu Blog, an open-source blog platform developed in Java. This vulnerability, identified as CVE-2023-2101
CVE-2023-20863 - How a Simple Spring SpEL Expression Can Take Down Your App (With Exploit Code and Details)
Spring Framework is everywhere in the Java world, powering millions of web applications, APIs, and enterprise systems. Sometimes, though, even trusted frameworks like Spring develop
Episode
00:00:00
00:00:00