|
You are here |
alexsci.com | ||
| | | | |
endtimes.dev
|
|
| | | | | ||
| | | | |
jfhr.me
|
|
| | | | | You've probably heard that HTTPS makes websites more secure. That's true, but HTTPS has some limitations, and Strict Transport Security and Preloading are ways you can overcome those limitations. | |
| | | | |
labanskoller.se
|
|
| | | | | During 2021 I had access to a facility equipped with an alarm system from Securitas Direct. I had access as a regular user to Securitas Direct's My Pages at mypages-pro.securitas-direct.com, which is used to administer some aspects of one's security alarm installation. That web application suffered a CWE-384 Session Fixation vulnerability which can be used by an attacker in a so-called Man-In-The-Middle (MiTM) position. Home page of Securitas Direct My Pages In summary, if an attacker is on the same netw... | |
| | | | |
www.zerodayinitiative.com
|
|
| | | [AI summary] A critical remote code execution vulnerability in SolarWinds Access Rights Manager allows attackers to execute arbitrary code with service account privileges if proper data validation is not enforced. | ||