Explore >> Select a destination

You are here

 parsiya.net
RCE in Visual Studio Code's Remote WSL for Fun and Negative Profit
| | www.nodejs-security.com
Do not use secrets in environment variables and here's how to do it better
3.2 parsecs away

Travel
| | Stop storing secrets in environment variables. It's a bad practice and only fits hobby or side projects with no real business impact. Here are all the reasons why you should never store secrets in environment variables and how to do it better.
| | positive.security
Windows 10 RCE: The exploit is in the link | Positive Security
2.9 parsecs away

Travel
| | Chaining a misconfiguration in IE11/Edge Legacy with an argument injection in a Windows 10/11 default URI handler and a bypass for a previous Electron patch, we developed a drive-by RCE exploit for Windows 10. The main vulnerability in the ms-officecmd URI handler has not been patched yet and can also be triggered through other browsers (requires confirmation of an inconspicuous dialog) and desktop applications that allow URI opening.
| | blog.thalium.re
Achieving Remote Code Execution in Steam: a journey into the Remote Play protocol
2.2 parsecs away

Travel
| | [AI summary] The blog post discusses the author's experience in vulnerability research and exploitation targeting Steam and its related products, including Steam Link and Remote Play. It covers various vulnerabilities such as format string vulnerabilities, request forgery, heap overflows, and a remote code execution (RCE) exploit. The author also details their interactions with HackerOne and Valve, highlighting the challenges in getting timely responses and the eventual resolution of the reported issues.
| | github.com
dgraph-benchmarks/cachebench at main · dgraph-io/dgraph-benchmarks · GitHub
27.8 parsecs away

Travel
| Run benchmarks with RDF data. Contribute to dgraph-io/dgraph-benchmarks development by creating an account on GitHub.