Explore >> Select a destination

You are here

 donncha.is
Reliably compromising Ubuntu desktops by attacking the crash reporter | Donncha Ó Cearbhaill
| | taeluralexis.com
Broker Writeup w/o Metasploit - Tae'lur Alexis
9.8 parsecs away

Travel
| | In this writeup, we'll exploit a Linux machine on Hack The Box with CVE-2023-46604, leveraging Java deserialization for remote code execution.
| | unit42.paloaltonetworks.com
PGMiner: New Cryptocurrency Mining Botnet Delivered via PostgreSQL
10.9 parsecs away

Travel
| | PGMiner is a novel Linux-based cryptocurrency mining botnet that exploits a disputed PostgreSQL remote code execution vulnerability.
| | positive.security
Allow arbitrary URLs, expect arbitrary code execution | Positive Security
9.3 parsecs away

Travel
| | Insecure URL handling leading to 1-click code execution vulnerabilities in Telegram, Nextcloud (CVE-2021-22879), VLC, LibreOffice (CVE-2021-25631), OpenOffice (CVE-2021-30245), Bitcoin/Dogecoin Wallets, Wireshark (CVE-2021-22191) and Mumble (CVE-2021-27229).
| | www.sonarsource.com
Securing Developer Tools: OneDev Remote Code Execution | Sonar
34.3 parsecs away

Travel
| We recently discovered several vulnerabilities in OneDev 7.2.9 that allowed attackers to fully compromise a server and even break out of a Docker environment.