|
You are here |
www.zerodayinitiative.com | ||
| | | | |
www.thezdi.com
|
|
| | | | | [AI summary] A security researcher details an arbitrary code injection vulnerability (CVE-2023-35150) in the XWiki wiki software platform that affects authenticated users and requires immediate patching. | |
| | | | |
www.thezdi.com
|
|
| | | | | [AI summary] The ZDI team summarizes the third and final day of Pwn2Own Vancouver 2019, where researchers Richard Zhu and Amat Cama won the automotive category with a Tesla Model 3 exploit and were crowned Master of Pwn. | |
| | | | |
www.thezdi.com
|
|
| | | | | [AI summary] Report details a patched remote code execution vulnerability in Windows Libarchive triggered by extracting malicious RAR archives. | |
| | | | |
blog.fox-it.com
|
|
| | | Fox-IT (part of NCC Group) has uncovered a large-scale exploitation campaign of Citrix NetScalers in a joint effort with the Dutch Institute of Vulnerability Disclosure (DIVD). An adversary appears to have exploited CVE-2023-3519 in an automated fashion, placing webshells on vulnerable NetScalers to gain persistent access. The adversary can execute arbitrary commands with this webshell,... | ||