CVE-2023-40397 - How a Remote Attacker Could Run JavaScript Code on Your Mac (Fixed in macOS Ventura 13.5)
In mid-2023, Apple quietly patched a dangerous vulnerability in macOS Ventura known as CVE-2023-40397. This security hole could have let remote attackers execute arbitrary JavaScript
CVE-2023-4761 - Out of Bounds Memory Access in FedCM in Google Chrome – What Happened, How It Works, and How Attackers Could Exploit It
In August 2023, Google patched a high-severity vulnerability in Chrome known as CVE-2023-4761. This flaw affected Chrome’s FedCM (Federated Credential Management) component, and more
CVE-2023-1409 - How Misconfigured TLS Lets Attackers Bypass MongoDB Client Certificate Validation on Windows & macOS
In March 2023, the MongoDB team discovered a dangerous vulnerability with heavy implications for anyone running MongoDB Server on Windows or macOS using TLS. This
CVE-2023-28198 - Use-After-Free Vulnerability in WebKit – Deep Dive and Exploit Example
If you use an iPhone, iPad, or Mac, you’re probably hearing a lot about software updates. Sometimes, updates fix small bugs, but in other
CVE-2022-48503 - How WebKit’s Bounds Check Flaw Put Apple Devices at Risk
In July 2022, Apple patched a critical vulnerability known as CVE-2022-48503, impacting the famous WebKit browser engine. This subtle flaw allowed attackers to run malicious