CVE-2024-11706 - Understanding the Null Pointer Dereference in pk12util (`SEC_ASN1DecodeItem_Util`) and Its Exploitation
In early 2024, a security flaw tagged as CVE-2024-11706 was discovered in the way Mozilla's pk12util tool handles certain certificate-related files. The bug
CVE-2024-11698 - Stuck in Fullscreen—A macOS Flaw That Traps Firefox and Thunderbird
Imagine going fullscreen in Firefox or Thunderbird on your Mac, then opening a dialog—maybe a download prompt or a permissions pop-up. The screen darkens,
CVE-2024-11693 - Unwarned .library-ms File Downloads in Firefox and Thunderbird (Exploit & Analysis)
A critical vulnerability, CVE-2024-11693, was discovered affecting several versions of Firefox, Firefox ESR, and Thunderbird on Windows systems. This post takes a deep dive into
CVE-2024-11691 - WebGL Out-of-Bounds Write on Apple M Series (A Deep Dive into Firefox and Thunderbird Vulnerability)
In early 2024, a dangerous bug was found in Apple's GPU driver, that could let a carefully crafted WebGL operation corrupt device memory
CVE-2020-25720: Unintended Privilege Escalation in Samba due to Insecure Object Creation
A security vulnerability was recently discovered in Samba, a popular software suite that provides file and print services for various Windows-compatible clients. The vulnerability, labeled
Episode
00:00:00
00:00:00