Explore >> Select a destination

You are here

 donncha.is
Reliably compromising Ubuntu desktops by attacking the crash reporter | Donncha Ó Cearbhaill
| | taeluralexis.com
Broker Writeup w/o Metasploit - Tae'lur Alexis
9.5 parsecs away

Travel
| | In this writeup, we'll exploit a Linux machine on Hack The Box with CVE-2023-46604, leveraging Java deserialization for remote code execution.
| | positive.security
Allow arbitrary URLs, expect arbitrary code execution | Positive Security
10.0 parsecs away

Travel
| | Insecure URL handling leading to 1-click code execution vulnerabilities in Telegram, Nextcloud (CVE-2021-22879), VLC, LibreOffice (CVE-2021-25631), OpenOffice (CVE-2021-30245), Bitcoin/Dogecoin Wallets, Wireshark (CVE-2021-22191) and Mumble (CVE-2021-27229).
| | swordbytes.com
Overwolf 1-Click Remote Code Execution - CVE-2021-33501
8.1 parsecs away

Travel
| | SwordBytes researchers have identified an Unauthenticated Remote Code Execution (RCE) vulnerability in Overwolf's Client Application by abusing a Reflected Cross-Site Scripting (XSS) issue present in the "overwolfstore://" URL handler. This vulnerability allows remote unauthenticated attackers to execute arbitrary commands on the underlying operating system that hosts Overwolf's Client Application.
| | www.pulumi.com
Pulumi ESC and External Secrets Operator: The Perfect Solution for Today's Cloud-Native Secret Management | Pulumi Blog
99.5 parsecs away

Travel
| Learn how to manage Kubernetes secrets with Pulumi ESC and External Secrets Operator