214 - Exploiting VMware Workstation and the Return of CSG0-Days Additional Links:https://bugs.chromium.org/p/project-zero/issues/detail?id=240... 2023-5-25 07:56:44 | 阅读: 15 | 收藏 | DAY[0] - dayzerosec.com chromium 240

213 - Jellyfin Exploits and TOCTOU Spellcasting Two vulnerabilities in Jellyfin, which is a media server fork of Emby. They focused on the REST... 2023-5-24 03:50:18 | 阅读: 15 | 收藏 | DAY[0] - dayzerosec.com encoder attacker similarly emby

212 - Attacking VirtualBox and Malicious Chess Two vulns in VirtualBox, an Out-of-Bounds (OOB) write in the TPM module and an OOB read in VGA.... 2023-5-18 07:49:24 | 阅读: 11 | 收藏 | DAY[0] - dayzerosec.com oob vga tpm mmio virtualbox

211 - OverlayFS to Root and Parallels Desktop Escapes An attack that confuses security tooling into an insecure action.... 2023-5-17 03:47:52 | 阅读: 9 | 收藏 | DAY[0] - dayzerosec.com zendesk vuln attacker repository github

210 - TPMs and Baseband Bugs Home Blog Podcast Vulns About Us Contact... 2023-5-11 07:52:31 | 阅读: 8 | 收藏 | DAY[0] - dayzerosec.com chromium baseband vuln twitch

209 - Bad Ordering, Free OpenAI Credits, and Goodbye Passwords? OpenAI would provide some free credits to a user once they... 2023-5-10 03:50:37 | 阅读: 9 | 收藏 | DAY[0] - dayzerosec.com bypass subdomain username jsonp

208 - A Timing Side-Channel for Kernel Exploitation and VR in the wake of Rust 00:09:21RCE in the Microsoft Windows DHCPv6 Service [CVE-2023-28231]This one i... 2023-5-4 07:54:46 | 阅读: 7 | 收藏 | DAY[0] - dayzerosec.com bunch microsoft windows dhcpv6 28231

207 - Git Config Injection and a Sophos Pre-Auth RCE A logic bug when dealing with the parsing of the git/.confi... 2023-5-3 03:50:52 | 阅读: 14 | 收藏 | DAY[0] - dayzerosec.com setuid privileged privileges setgid identifiers

206 - A Ghostscript RCE and a Windows Registry Bug A pretty classic string escaping bug in GhostScript,... 2023-4-27 07:48:55 | 阅读: 23 | 收藏 | DAY[0] - dayzerosec.com cmrenamekey memory spu subkeylists

205 - SecurePoint UTM, Chfn, and Docker Named Pipe Vulns Bit of an odd bug in the SecurityPoint UTM Firewall admin and use... 2023-4-26 03:50:31 | 阅读: 12 | 收藏 | DAY[0] - dayzerosec.com attacker deletion remote sessionid

Reversing the AMD Secure Processor (PSP) - Part 2: Cryptographic Co-Processor (CCP) 设计mysql数据表时，通常用户名、密码的类型为varchar或者char,可以利用Mysql varchar或char类型同数字比较的自动转换机制，构造最新过狗（安全狗V3.5.12048）新型万能... 2023-4-23 03:21:30 | 阅读: 21 | 收藏 | DAY[0] - dayzerosec.com ccp mmio ccp5 memtype psp

Reversing the AMD Secure Processor (PSP) - Part 1: Design and Overview AMD's Secure Processor (formerly known as Platform Security Processor or "PSP") is... 2023-4-18 06:46:30 | 阅读: 13 | 收藏 | DAY[0] - dayzerosec.com psp mmio abl syshub svc

204 - Glitching the Wii-U and Integer Overflows This article is about glitching the Wii-U’s read of One-Time Programmable (OTP) fuses into regi... 2023-4-13 08:30:0 | 阅读: 4 | 收藏 | DAY[0] - dayzerosec.com fuses glitch zeroes otp glitching

203 - Pentaho Pre-Auth RCE and Theft by CAN Injection Additional Links:https://github.com/elastic/synthetics-recorder/blob/v0.0.1-be... 2023-4-12 03:48:41 | 阅读: 20 | 收藏 | DAY[0] - dayzerosec.com l217 github synthetics recorder

202 - A SNIProxy Bug and a Samsung NPU Double Free Home Blog Podcast Vulns About Us Contact... 2023-4-6 07:53:33 | 阅读: 16 | 收藏 | DAY[0] - dayzerosec.com github sniproxy 2023show mast1c0re

201 - Bamboozling Bing and a Curl Gotcha When using curl, if the --data-raw argument starts with a @ it... 2023-4-5 03:54:39 | 阅读: 10 | 收藏 | DAY[0] - dayzerosec.com pollution attacker security privileged

200 - 200th Episode! Integer Bugs & Synthetic Memory Protections A high performance, but apparently low secur... 2023-3-30 10:25:22 | 阅读: 4 | 收藏 | DAY[0] - dayzerosec.com memory mappings exponent immutable keymst

200 Episodes of Dayzerosec With our 200th episode airing today, I thought it would be fun to go back and check... 2023-3-29 05:50:26 | 阅读: 9 | 收藏 | DAY[0] - dayzerosec.com episodes episode security longest

199 - Bypassing CloudTrail and Tricking GPTs Two CloudTrail logging vulnerabilities have been identified, invo... 2023-3-29 03:54:35 | 阅读: 9 | 收藏 | DAY[0] - dayzerosec.com otp aws242 sniff cloudtrail attacker

198 - TOCTOUs in Intel SMM and Shannon Baseband Bugs Effectively, a double-fetch vulnerability in Intel SMM’s SMI handler that could allow a local a... 2023-3-23 07:50:9 | 阅读: 5 | 收藏 | DAY[0] - dayzerosec.com privileged attacker memory smm utimately