CVE-2024-12797 - How a Raw Public Key TLS Authentication Bug in OpenSSL Can Let MITM Attacks Slip Through
---
Introduction
In March 2024, a significant vulnerability—CVE-2024-12797—was disclosed in OpenSSL affecting some clients using RFC725 Raw Public Keys (RPK) for TLS or
CVE-2025-1014 - Unchecked Certificate Length in Firefox and Thunderbird – Analysis, Code Example, and Exploit Details
On June 2024, Mozilla disclosed a new security vulnerability tracked as CVE-2025-1014. This flaw affects some of the most widely used open-source browsers and email
CVE-2025-23028 - Denial of Service in Cilium DNS Proxy (Exclusive Breakdown & Exploit Details)
Cilium is a popular networking, observability, and security layer for Kubernetes clusters. It uses eBPF, a powerful Linux kernel technology, to manage network traffic and
CVE-2025-21614 - Denial of Service Vulnerability in go-git (Pre v5.13)
On June 4, 2024, a denial of service (DoS) vulnerability was made public for go-git—a powerful library used in many Go projects to interact
CVE-2024-56521 - Dangerous SSL Verification Defaults in TCPDF (<6.8.) - How Your PDFs May Be at Risk
If you generate PDFs in PHP, you may have run into a popular library called TCPDF. It’s used all over the world to create
Episode
00:00:00
00:00:00