CVE-2023-38840 - How Bitwarden Desktop 2023.7. Leaks Secrets Through Local Process Memory
CVE-2023-38840 is a security vulnerability found in Bitwarden Desktop, versions 2023.7. and below. If an attacker can run code on the same machine as
CVE-2023-32004 - Escaping Node.js 20’s Permission Wall via Buffer Path Bypass (Exploit Explained!)
A new security vulnerability, CVE-2023-32004, made headlines for Node.js 20 users, especially those experimenting with Node's *experimental permission model*. This flaw allows
CVE-2021-28429 - Integer Overflow in FFmpeg’s av_timecode_make_string Function—How Malicious .mov Files Could Crash Your Apps
FFmpeg is a name you probably hear a lot if you work with video or audio processing on Linux or even on some Windows or
CVE-2023-23908 - How Improper Access Control in 3rd Gen Intel Xeon Scalable CPUs Enables Information Disclosure
Security vulnerabilities in hardware are a big deal, especially when they affect vital parts like processors. In early 2023, Intel disclosed CVE-2023-23908, a vulnerability affecting
CVE-2022-40982 - Information Exposure via Microarchitectural State in Intel CPUs—A Deep Dive
In September 2023, Intel published a security advisory about CVE-2022-40982, a vulnerability affecting many of its modern processors. This long-form post will break down what
Episode
00:00:00
00:00:00