Explore >> Select a destination

You are here

 donncha.is
Reliably compromising Ubuntu desktops by attacking the crash reporter | Donncha Ó Cearbhaill
| | srcincite.io
Smarty Template Engine Multiple Sandbox Escape PHP Code Injection Vulnerabilities
3.7 parsecs away

Travel
| | In this blog post we explore two different sandbox escape vulnerabilities discovered in the Smarty Template Engine that can be leveraged by a context dependa...
| | positive.security
Allow arbitrary URLs, expect arbitrary code execution | Positive Security
3.6 parsecs away

Travel
| | Insecure URL handling leading to 1-click code execution vulnerabilities in Telegram, Nextcloud (CVE-2021-22879), VLC, LibreOffice (CVE-2021-25631), OpenOffice (CVE-2021-30245), Bitcoin/Dogecoin Wallets, Wireshark (CVE-2021-22191) and Mumble (CVE-2021-27229).
| | swordbytes.com
Overwolf 1-Click Remote Code Execution - CVE-2021-33501
2.5 parsecs away

Travel
| | SwordBytes researchers have identified an Unauthenticated Remote Code Execution (RCE) vulnerability in Overwolf's Client Application by abusing a Reflected Cross-Site Scripting (XSS) issue present in the "overwolfstore://" URL handler. This vulnerability allows remote unauthenticated attackers to execute arbitrary commands on the underlying operating system that hosts Overwolf's Client Application.
| | seekinglavenderlane.com
August 6, 2024 - Seeking Lavender Lane
15.6 parsecs away

Travel
| [AI summary] A website's homepage offering home design inspiration and contact information, with a focus on interior design and privacy policy details.