CVE-2024-38821 - Static Resource Authorization Bypass in Spring WebFlux Explained
Spring is widely used for building Java web applications, and Spring WebFlux is its reactive, non-blocking web framework. One of the critical tasks in web
CVE-2024-31880 - Understanding and Exploiting the IBM Db2 Denial of Service Vulnerability
In June 2024, a new vulnerability—CVE-2024-31880—was publicly disclosed for IBM Db2 for Linux, UNIX, and Windows (including Db2 Connect Server), affecting versions 10.
CVE-2024-43580 - Deep Dive into the Microsoft Edge (Chromium-based) Spoofing Vulnerability
---
Introduction
On June 2024, Microsoft disclosed a security vulnerability tracked as CVE-2024-43580, which affects Microsoft Edge (the Chromium-based version). This issue is classified as
CVE-2024-45731 - Exploiting Path Traversal in Splunk Enterprise for Windows to Write Files in System32
In May 2024, a critical security vulnerability—CVE-2024-45731—was disclosed affecting Splunk Enterprise for Windows. This flaw allows any non-admin, non-power user to write files
CVE-2024-9936 - Understanding the Firefox Selection Node Cache Exploit (A Simple Guide with Code and Details)
---
*CVE-2024-9936* is a fresh vulnerability that affected certain versions of Mozilla Firefox (specifically, all versions before 131..3). This issue was about how Firefox
Episode
00:00:00
00:00:00