18
1月

Tittle: 2018.1.20

0 作者:admin

Fake SagePay Subscription emails via MailChimp mailing list systems delivering Gootkit Banking trojan

automatic VMWARE RPC request sniffing

Google Chrome "icu_59::NumberingSystem::createInstance()" Stack-based Buffer Write Overflow Vulnerabiliy (CVE-2017-15396)

Google Chrome "Runtime_CanonicalizeLanguageTag()" Stack-based Buffer Read Overflow Vulnerabiliy (CVE-2017-15406)

Adobe reader sandbox ecape! Unpatched and unreported.

Apple -com_apple_AVEBridge::query Completion Invalid Read(CVE-2017-13848)

Apple –apfs`AppleAPFSUserClient::methodContainerExtendedInfo Invalid Write(CVE-2017-7114)

Apple -com_apple_AVEBridge::submitData NULL Dereference(CVE-2017-13858)

An Unpatched Kernel Bug› apple's AMDRadeonX4150 kext triggered a kernel panic

Google Forms (WordPress plugin) SSRF vulnerability

74cms v4.2.3前台任意文件读取

A short write-up on HTTP Access Control (CORS) Bypass on MS Edge

a line-by-line analysis of the Spectre exploit

360 A-TEAM 带你走进 NTLM-Relay

Expiring payloads with new metasploit addition

Kernel Exploitation 6: NULL pointer dereference

If you'd like to fuzz some TCP servers (Apache httpd, ISC Bind, OpenSSH), here're some quick thoughts on that

Regexp Security Cheatsheet

2017年度安全报告––IoT安全威胁

IoT security – part 3 (101 – IoT top 10 vulnerabilities)

a table that explains the behaviour of '==' in php

Steps to Reproduce 1: Leaking PII of Apple pre-order customers

XCTF-赛博地球杯工业互联网安全大赛web部分题解

tools the exploit for MIPS of the vault7 CIA wikileaks RouterOS

tools The Oracle JoltandBleed poc

tools jvm-sandbox:阿里巴巴开源自研动态非侵入AOP解决方案

tools MaltegoNessusParser:Maltego transform for visualizing Nessus scan data

tools swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics.


评论


当前没有评论,快来评论吧!





来说点什么吧