CVE-2024-21392 - Breaking Down the .NET and Visual Studio Denial of Service Vulnerability
On February 13, 2024, Microsoft published an advisory for CVE-2024-21392, a Denial of Service (DoS) vulnerability affecting both .NET and Visual Studio products. For .NET
CVE-2023-25926 - Exploiting an XXE Flaw in IBM Security Guardium Key Lifecycle Manager (SKLM)
IBM Security Guardium Key Lifecycle Manager (SKLM) is a widely-used solution for enterprise key management, providing secure key generation, storage, and distribution for data-at-rest encryption.
CVE-2023-50380 - XXE Injection in Apache Ambari — How Attackers Could Read Root Files and Escalate Privileges
Apache Ambari is a popular open-source platform for provisioning, managing, and monitoring Apache Hadoop clusters. In December 2023, a dangerous security vulnerability was disclosed: an
CVE-2023-42445 - Breaking Down Gradle’s OOB-XXE XML Vulnerability
Published: June 26, 2023
CVSS: 7.3 (High)
Reference: Original Advisory
Gradle is a popular open-source build automation tool, commonly used for building, testing, and
CVE-2023-41933 - How a Jenkins Plugin Exposed Your Sensitive Data via XXE Attacks
When it comes to DevOps and continuous delivery, Jenkins is one of the most popular tools out there. Its flexibility and massive plugin ecosystem make