123 - DynamicWeb RCE, VMWare Bugs, and Exploiting GitHub Actions
Re-accessing the stup page, an unlikely scenario leaking Github Secrets, and a proxying issue in Carbon Black.
122 - Zynq-7000 Secure Boot Bypass and Compiler-Created Bugs
Just one vulnerability this week, a secure boot bypass, and some research into detecting compiler introduced bugs. Ending the week with a discussion about how to learn fuzzing.
121 - CoinDesk, Zabbix, and Leaking Secrets Through Mirrored Repos
Lets talk about "sidedoors" this week, with two vulnerabilities abusing alternative access points, along with an overly verbose error message that actually had some immediate impact, and a look at the challenges of client-sided session.
120 - Another Kernel TIPC Bug, MySQL, and Buggy Go
This week we discuss taint analysis and where to use it compared with fuzzing, a couple buggy code patterns in Go to be on the lookout for, and another remote stack-overflow in the Kernel TIPC module.
119 - Baby Monitor Bugs, Grafana, and Twitter De-anonymization
CSRF lives again in the form of CORF, Cross-Origin Request Forgery with an attack against Grafana. We also take a look at some baby monitor issues and a de-anonymization attack against Twitter.
118 - Fastly Infoleak, Samba OOB Access, and Pwning MacOS
A discussion heavy episode this week as we speculate about how some XNU code passed muster, and how to exploit a small overflow and weaponizing a large info-leak.
117 - Hacking Google Drive Integrations and XSS Puzzles
A "maybe" issue this week in Ruby's net/http library, some long chains leading to XSS, and a look at abusing parameter injection for SSRF in applications integrating with the Google Drive API.
116 - PwnKit, a Win32k Type Confusion, and Binary Ninja 3.0
Binary ninja 3.0 just dropped, lets talk about that, then into pwnkit and a couple kernel bugs, and ending this week off with a discussion about dealing with imposter syndrome.
115 - Zoho Auth Bypass, a Bogus Bug, and Leaking Microsoft Bug Reports
A few unique issues this week, routing issues in ManageEngine, a Little Snitch bypass, an undecodable characters leading to a denial of service.
114 - NetUSB RCE, a Kernel Heap Overflow, & an XNU UAF
Integer overflows and underflow this week, covering vulns from desktop Zoom clients, to kernel and some routers.