adepts.of0x.cc

roundofthree.github.io
This blog post will analyse the exploitability of the temporal safety vulnerabilities in Nginx AIxCC. AIxCC is a DARPA competition to find vulnerabilities in codebases using AI. The competitors are not looking for 0-days but rather intentionally added vulnerabilities in existing codebases. One of them was Nginx in the semifinals, which already took place. In this blog post, I will have a different focus on whether these added vulnerabilities can be exploited to achieve more than just crashes.

www.ambionics.io
In this blog post, we will explore a new way of exploiting the vulnerability on PHP, using direct calls to iconv(), and illustrate the vulnerability by targeting Roundcube, a popular PHP webmail.

swordbytes.com
SwordBytes researchers have identified an Unauthenticated Remote Code Execution (RCE) vulnerability in Overwolf's Client Application by abusing a Reflected Cross-Site Scripting (XSS) issue present in the "overwolfstore://" URL handler. This vulnerability allows remote unauthenticated attackers to execute arbitrary commands on the underlying operating system that hosts Overwolf's Client Application.

blog.darkwolfsolutions.com
September 26, 2024. Episode 15. CVE-2024-45623: Unauthenticated RCE in D-Link DAP-2310. Authors: Hahna Kane Latonick and Jonathan Waterman. Dark Wolf Solutions recently disclosed a vulnerability to D-Link that results in unauthenticated remote code execution (RCE) in their DAP-2310 REV-A Wireless