DiscoverThe Exploit Podcast: CVEs and Security NewsOpenVPN Code Injection, go-git Command Injection, Perl OAuth Nonce Manipulation and more
OpenVPN Code Injection, go-git Command Injection, Perl OAuth Nonce Manipulation and more

OpenVPN Code Injection, go-git Command Injection, Perl OAuth Nonce Manipulation and more

Update: 2025-01-30
Share

Description

Week ending 9th Jan. This episode dives into some of the most critical security vulnerabilities recently discovered. From web applications to network devices and authentication systems, we break down how these exploits work, their potential impact, and what can be done to mitigate them. Whether you're a security professional or just curious about the latest threats, this discussion will keep you informed. Stay ahead of the curve—tune in now!


These podcasts are auto-generated from the CVE feeds. Please use the information at your own risk.

Comments 
loading
In Channel
Camera Hijack on Unifi Protect, Dylib Hijacking in Davinci Resolve, Non-deterministic Deserialization in IBC-go, Authentication Bypass in CyberArk, RCE in Uniguest Tripleplay and more

Camera Hijack on Unifi Protect, Dylib Hijacking in Davinci Resolve, Non-deterministic Deserialization in IBC-go, Authentication Bypass in CyberArk, RCE in Uniguest Tripleplay and more

2025-03-0728:46

JWT Validation Failure In Jupyter Hub, Arbitrary File Upload and SQL Injection in Mattermost, Path Traversal File Deletion in Mautic, Desrialization Of Untrusted Data in MetaSlider and more

JWT Validation Failure In Jupyter Hub, Arbitrary File Upload and SQL Injection in Mattermost, Path Traversal File Deletion in Mautic, Desrialization Of Untrusted Data in MetaSlider and more

2025-02-2718:42

Integer Overflow in Mercedes-Benz, RCE via Deserialization in Apache Ignite, Improper Authentication in Orca HCM, Plaintext Password in Netgear C7800 and more

Integer Overflow in Mercedes-Benz, RCE via Deserialization in Apache Ignite, Improper Authentication in Orca HCM, Plaintext Password in Netgear C7800 and more

2025-02-2030:03

Remote code execution via Prompt Injection in PandasAI, Unverified password change vulnerability in Janto, Private Key Extraction in Elliptic (JS) and Regex Denial of Service in Koa and more

Remote code execution via Prompt Injection in PandasAI, Unverified password change vulnerability in Janto, Private Key Extraction in Elliptic (JS) and Regex Denial of Service in Koa and more

2025-02-1326:20

Django Unicorn Class Pollution, GeoTools XPath Manipulation, Eladmin CSV Injection, Zimbra SQL Injection, Woocomerce Taxi Booking Deserialization and more

Django Unicorn Class Pollution, GeoTools XPath Manipulation, Eladmin CSV Injection, Zimbra SQL Injection, Woocomerce Taxi Booking Deserialization and more

2025-02-0620:20

Code Injection via UnTar in DJL, Header Bypass in ismp-grandpa, Arbitrary File Upload in Wordpress Plugin and more

Code Injection via UnTar in DJL, Header Bypass in ismp-grandpa, Arbitrary File Upload in Wordpress Plugin and more

2025-01-3034:55

Account Takeover in Wordpress Plugin, SQL Injection in APlus, SSRF in Apache Ranger UI and more

Account Takeover in Wordpress Plugin, SQL Injection in APlus, SSRF in Apache Ranger UI and more

2025-01-3022:57

Search Injection in Mongoose, Insecure Serialization Rosa Open Source, XWiki Realtime Editor Privilege Escalation and more

Search Injection in Mongoose, Insecure Serialization Rosa Open Source, XWiki Realtime Editor Privilege Escalation and more

2025-01-3019:06

OpenVPN Code Injection, go-git Command Injection, Perl OAuth Nonce Manipulation and more

OpenVPN Code Injection, go-git Command Injection, Perl OAuth Nonce Manipulation and more

2025-01-3016:11

Google Play
Download from Google Play
Castbox
Download from App Store
usUnited States
00:00
00:00
1.0x

0.5x

0.8x

1.0x

1.25x

1.5x

2.0x

3.0x

Sleep Timer

Off

End of Episode

5 Minutes

10 Minutes

15 Minutes

30 Minutes

45 Minutes

60 Minutes

120 Minutes

OpenVPN Code Injection, go-git Command Injection, Perl OAuth Nonce Manipulation and more

OpenVPN Code Injection, go-git Command Injection, Perl OAuth Nonce Manipulation and more

SecurityPod