CVE-2023-2422 - How Keycloak’s mTLS Flaw Lets Attackers Impersonate Any Client
Keycloak is an open source identity and access management tool used widely to secure modern applications. In April 2023, a serious security vulnerability was discovered
CVE-2023-4911 - Breaking Down the Glibc Tunables Buffer Overflow and Privilege Escalation
In October 2023, the security community became aware of a significant vulnerability in the GNU C Library’s dynamic loader (ld.so). This buffer overflow,
CVE-2023-3223 - How a Sneaky Multipart Upload Flaw in Undertow Could Crash Your Java Server
---
Introduction
Did you know a simple tweak to an HTTP request could bring some Java servers to their knees? That’s what happened with
CVE-2023-42753 - How A Simple Array Index Bug in Linux Netfilter Opens Doors To Local Privilege Escalation
In September 2023, a critical kernel vulnerability identified as CVE-2023-42753 was publicly disclosed. It affects the netfilter subsystem—the backbone of modern firewalls in Linux.
CVE-2022-4137 - Understanding the Keycloak OAuth 'oob' Endpoint Reflected XSS Vulnerability
---
Introduction
In the world of application security, Cross-Site Scripting (XSS) issues remain a persistent and dangerous problem. One such flaw, tracked as CVE-2022-4137, was