unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
214 - Exploiting VMware Workstation and the Return of CSG0-Days
Additional Links:https://bugs.chromium.org/p/project-zero/issues/detail?id=240...
2023-5-25 07:56:44 | 阅读: 15 |
收藏
|
DAY[0] - dayzerosec.com
chromium
240
213 - Jellyfin Exploits and TOCTOU Spellcasting
Two vulnerabilities in Jellyfin, which is a media server fork of Emby. They focused on the REST...
2023-5-24 03:50:18 | 阅读: 15 |
收藏
|
DAY[0] - dayzerosec.com
encoder
attacker
similarly
emby
212 - Attacking VirtualBox and Malicious Chess
Two vulns in VirtualBox, an Out-of-Bounds (OOB) write in the TPM module and an OOB read in VGA....
2023-5-18 07:49:24 | 阅读: 11 |
收藏
|
DAY[0] - dayzerosec.com
oob
vga
tpm
mmio
virtualbox
211 - OverlayFS to Root and Parallels Desktop Escapes
An attack that confuses security tooling into an insecure action....
2023-5-17 03:47:52 | 阅读: 9 |
收藏
|
DAY[0] - dayzerosec.com
zendesk
vuln
attacker
repository
github
210 - TPMs and Baseband Bugs
Home Blog Podcast Vulns About Us Contact...
2023-5-11 07:52:31 | 阅读: 8 |
收藏
|
DAY[0] - dayzerosec.com
chromium
baseband
vuln
twitch
209 - Bad Ordering, Free OpenAI Credits, and Goodbye Passwords?
OpenAI would provide some free credits to a user once they...
2023-5-10 03:50:37 | 阅读: 9 |
收藏
|
DAY[0] - dayzerosec.com
bypass
subdomain
username
jsonp
208 - A Timing Side-Channel for Kernel Exploitation and VR in the wake of Rust
00:09:21RCE in the Microsoft Windows DHCPv6 Service [CVE-2023-28231]This one i...
2023-5-4 07:54:46 | 阅读: 7 |
收藏
|
DAY[0] - dayzerosec.com
bunch
microsoft
windows
dhcpv6
28231
207 - Git Config Injection and a Sophos Pre-Auth RCE
A logic bug when dealing with the parsing of the git/.confi...
2023-5-3 03:50:52 | 阅读: 14 |
收藏
|
DAY[0] - dayzerosec.com
setuid
privileged
privileges
setgid
identifiers
206 - A Ghostscript RCE and a Windows Registry Bug
A pretty classic string escaping bug in GhostScript,...
2023-4-27 07:48:55 | 阅读: 23 |
收藏
|
DAY[0] - dayzerosec.com
cmrenamekey
memory
spu
subkeylists
205 - SecurePoint UTM, Chfn, and Docker Named Pipe Vulns
Bit of an odd bug in the SecurityPoint UTM Firewall admin and use...
2023-4-26 03:50:31 | 阅读: 12 |
收藏
|
DAY[0] - dayzerosec.com
attacker
deletion
remote
sessionid
Reversing the AMD Secure Processor (PSP) - Part 2: Cryptographic Co-Processor (CCP)
设计mysql数据表时,通常用户名、密码的类型为varchar或者char,可以利用Mysql varchar或char类型同数字比较的自动转换机制,构造最新过狗(安全狗V3.5.12048)新型万能...
2023-4-23 03:21:30 | 阅读: 21 |
收藏
|
DAY[0] - dayzerosec.com
ccp
mmio
ccp5
memtype
psp
Reversing the AMD Secure Processor (PSP) - Part 1: Design and Overview
AMD's Secure Processor (formerly known as Platform Security Processor or "PSP") is...
2023-4-18 06:46:30 | 阅读: 13 |
收藏
|
DAY[0] - dayzerosec.com
psp
mmio
abl
syshub
svc
204 - Glitching the Wii-U and Integer Overflows
This article is about glitching the Wii-U’s read of One-Time Programmable (OTP) fuses into regi...
2023-4-13 08:30:0 | 阅读: 4 |
收藏
|
DAY[0] - dayzerosec.com
fuses
glitch
zeroes
otp
glitching
203 - Pentaho Pre-Auth RCE and Theft by CAN Injection
Additional Links:https://github.com/elastic/synthetics-recorder/blob/v0.0.1-be...
2023-4-12 03:48:41 | 阅读: 20 |
收藏
|
DAY[0] - dayzerosec.com
l217
github
synthetics
recorder
202 - A SNIProxy Bug and a Samsung NPU Double Free
Home Blog Podcast Vulns About Us Contact...
2023-4-6 07:53:33 | 阅读: 16 |
收藏
|
DAY[0] - dayzerosec.com
github
sniproxy
2023show
mast1c0re
201 - Bamboozling Bing and a Curl Gotcha
When using curl, if the --data-raw argument starts with a @ it...
2023-4-5 03:54:39 | 阅读: 10 |
收藏
|
DAY[0] - dayzerosec.com
pollution
attacker
security
privileged
200 - 200th Episode! Integer Bugs & Synthetic Memory Protections
A high performance, but apparently low secur...
2023-3-30 10:25:22 | 阅读: 4 |
收藏
|
DAY[0] - dayzerosec.com
memory
mappings
exponent
immutable
keymst
200 Episodes of Dayzerosec
With our 200th episode airing today, I thought it would be fun to go back and check...
2023-3-29 05:50:26 | 阅读: 9 |
收藏
|
DAY[0] - dayzerosec.com
episodes
episode
security
longest
199 - Bypassing CloudTrail and Tricking GPTs
Two CloudTrail logging vulnerabilities have been identified, invo...
2023-3-29 03:54:35 | 阅读: 9 |
收藏
|
DAY[0] - dayzerosec.com
otp
aws242
sniff
cloudtrail
attacker
198 - TOCTOUs in Intel SMM and Shannon Baseband Bugs
Effectively, a double-fetch vulnerability in Intel SMM’s SMI handler that could allow a local a...
2023-3-23 07:50:9 | 阅读: 5 |
收藏
|
DAY[0] - dayzerosec.com
privileged
attacker
memory
smm
utimately
Previous
1
2
3
4
5
6
7
8
Next