06 April 2021 Show Notes 71 - Speculation in Predictive Store Forwarding, Broken Fixes, and Owning Rocket.Chat 00:00:46 nOtWASP bottom 10: vulnerabilities that make you cry 00:07:28 Click here for free TV! - Chaining bugs to takeover Wind Vision accounts 00:15:28 Elevate Yourself to Admin in Umbraco CMS 8.9.0 (CVE-2020-29454) 00:23:19 "netmask" npm package vulnerable to octal input data [CVE-2021-28918] 00:28:38 [HackerOne] Jira integration plugin Leaked JWT 00:33:20 [Kaspersky] A vulnerability in KAVKIS 2020 products family allows full disabling of protection 00:38:06 [Rocket.Chat] Account takeover via XSS 00:43:18 This man thought opening a TXT file is fine, he thought wrong. macOS [CVE-2019-8761] 00:52:41 Who Contains the Containers? 01:06:11 Getting Code Execution on Apache Druid [CVE-2021-25646] 01:12:59 Security Analysis of AMD Predictive Store Forwarding 01:19:58 Pluralsight free for April 01:21:54 Pwn2Own 2021