CVE-2024-33899 - How WinRAR on Linux/UNIX Lets Attackers Spoof Output and Cause DoS with ANSI Escape Sequences
WinRAR is one of the world's most popular tools for handling compressed files, trusted by millions for archiving and extractions. While mostly famous
CVE-2024-26928 - Linux Kernel SMB Client UAF Vulnerability Explained
Recently, a security flaw labeled CVE-2024-26928 was discovered and patched in the Linux kernel. This bug affects the CIFS (SMB) client—a component used for
CVE-2022-48611 - Breaking Down the Local Privilege Escalation in iTunes 12.12.3 for Windows
In December 2022, Apple quietly patched a serious vulnerability in iTunes for Windows, tracked as CVE-2022-48611. If you’re still running anything below iTunes 12.
CVE-2024-32460 - FreeRDP `/bpp:32` Legacy GDI Bug Leads to Out-of-Bounds Read
FreeRDP is a popular open source implementation of Microsoft’s Remote Desktop Protocol (RDP). It lets users connect to Windows desktops and servers from Linux,
CVE-2023-3758 - Exploiting a Race Condition in SSSD GPO Policy Enforcement
In June 2023, a new security vulnerability, identified as CVE-2023-3758, was disclosed in the System Security Services Daemon (SSSD). This bug impacts how Group Policy
Episode
00:00:00
00:00:00