CVE-2023-34429 - How a Forged JWT Token Can Crash Weintek Weincloud v.13.6
Weintek Weincloud is a popular cloud service for connecting and monitoring Human-Machine Interfaces (HMI) in industrial setups. In May 2023, a significant vulnerability, CVE-2023-34429, was
CVE-2023-37266 - How Attackers Could Take Over Your CasaOS Server Using Fake JWTs
CasaOS is a popular open-source personal cloud system, allowing users to manage files, apps, and even run containers from an easy-to-use web interface. But in
CVE-2023-29357 - Inside the Microsoft SharePoint Server Elevation of Privilege Vulnerability
In June 2023, Microsoft patched a critical flaw tracked as CVE-2023-29357 affecting SharePoint Server. This vulnerability was so serious that Microsoft gave it a CVSS
CVE-2022-44244 - Authentication Bypass in Lin-CMS v.2.1 Exploited for Super Admin Privileges
If you use Lin-CMS, a popular content management system for developers, you need to know about CVE-2022-44244. This serious vulnerability in version .2.1 could
CVE-2022-39366 - Critical Auth Bypass in DataHub—How Unverified JWTs Threaten Your Metadata
Summary:
A critical security flaw—CVE-2022-39366—was discovered in DataHub, an open-source metadata platform, in its Metadata Service (GMS). The flaw allowed anyone to bypass