206 - A Ghostscript RCE and a Windows Registry Bug A pretty classic string escaping bug in GhostScript,... 2023-4-27 07:48:55 | 阅读: 34 | 收藏 | DAY[0] - dayzerosec.com cmrenamekey memory spu subkeylists

205 - SecurePoint UTM, Chfn, and Docker Named Pipe Vulns Bit of an odd bug in the SecurityPoint UTM Firewall admin and use... 2023-4-26 03:50:31 | 阅读: 22 | 收藏 | DAY[0] - dayzerosec.com attacker deletion remote sessionid

Reversing the AMD Secure Processor (PSP) - Part 2: Cryptographic Co-Processor (CCP) 设计mysql数据表时，通常用户名、密码的类型为varchar或者char,可以利用Mysql varchar或char类型同数字比较的自动转换机制，构造最新过狗（安全狗V3.5.12048）新型万能... 2023-4-23 03:21:30 | 阅读: 33 | 收藏 | DAY[0] - dayzerosec.com ccp mmio ccp5 memtype psp

Reversing the AMD Secure Processor (PSP) - Part 1: Design and Overview AMD's Secure Processor (formerly known as Platform Security Processor or "PSP") is... 2023-4-18 06:46:30 | 阅读: 30 | 收藏 | DAY[0] - dayzerosec.com psp mmio abl syshub svc

204 - Glitching the Wii-U and Integer Overflows This article is about glitching the Wii-U’s read of One-Time Programmable (OTP) fuses into regi... 2023-4-13 08:30:0 | 阅读: 11 | 收藏 | DAY[0] - dayzerosec.com fuses glitch zeroes otp glitching

203 - Pentaho Pre-Auth RCE and Theft by CAN Injection Additional Links:https://github.com/elastic/synthetics-recorder/blob/v0.0.1-be... 2023-4-12 03:48:41 | 阅读: 27 | 收藏 | DAY[0] - dayzerosec.com l217 github synthetics recorder

202 - A SNIProxy Bug and a Samsung NPU Double Free Home Blog Podcast Vulns About Us Contact... 2023-4-6 07:53:33 | 阅读: 20 | 收藏 | DAY[0] - dayzerosec.com github sniproxy 2023show mast1c0re

201 - Bamboozling Bing and a Curl Gotcha When using curl, if the --data-raw argument starts with a @ it... 2023-4-5 03:54:39 | 阅读: 22 | 收藏 | DAY[0] - dayzerosec.com pollution attacker security privileged

200 - 200th Episode! Integer Bugs & Synthetic Memory Protections A high performance, but apparently low secur... 2023-3-30 10:25:22 | 阅读: 10 | 收藏 | DAY[0] - dayzerosec.com memory mappings exponent immutable keymst

200 Episodes of Dayzerosec With our 200th episode airing today, I thought it would be fun to go back and check... 2023-3-29 05:50:26 | 阅读: 14 | 收藏 | DAY[0] - dayzerosec.com episodes episode security longest

199 - Bypassing CloudTrail and Tricking GPTs Two CloudTrail logging vulnerabilities have been identified, invo... 2023-3-29 03:54:35 | 阅读: 18 | 收藏 | DAY[0] - dayzerosec.com otp aws242 sniff cloudtrail attacker

198 - TOCTOUs in Intel SMM and Shannon Baseband Bugs Effectively, a double-fetch vulnerability in Intel SMM’s SMI handler that could allow a local a... 2023-3-23 07:50:9 | 阅读: 17 | 收藏 | DAY[0] - dayzerosec.com privileged attacker memory smm utimately

197 - Popping Azure Web Services and Apollo Config Bugs When using the ssrfFilter library in conjunction with the Request... 2023-3-22 03:51:43 | 阅读: 24 | 收藏 | DAY[0] - dayzerosec.com library attacker truncate vuln bypass

196 - An OpenBSD overflow and TPM bugs Yet another case of bad syncronization or just performing operations in the wrong order. IIn th... 2023-3-16 07:55:45 | 阅读: 13 | 收藏 | DAY[0] - dayzerosec.com tpm isr ciphersize ipopt optlen

195 - Stealing Secrets with Security Advisories and CorePlague A nice use of the a CRLF Injection to exploit a seemingly unex... 2023-3-15 03:49:54 | 阅读: 15 | 收藏 | DAY[0] - dayzerosec.com jenkins attacker github forgot codespace

194 - Hacking the DSi and some Fuzzing Tips Additional Links: https://www.fuzzingbook.org/ ... 2023-3-9 08:50:52 | 阅读: 19 | 收藏 | DAY[0] - dayzerosec.com fuzzingbook

193 - ImageMagick, Cracking SmartLocks, and Broken OAuth Relatively straight forward oauth hijack/account takeover flow wi... 2023-3-8 04:49:19 | 阅读: 21 | 收藏 | DAY[0] - dayzerosec.com booking facebook jaas datahub

192 - A GPU Bug and the World’s Worst Fuzzer Findings A bug was found sort of accidentally in Adreno/KGSL GPU for Android devices. The post covers a... 2023-3-2 08:48:45 | 阅读: 16 | 收藏 | DAY[0] - dayzerosec.com mapped kgsl buffers memory userspace

191 - Param Pollution in Golang, OpenEMR, and CRLF Injection A couple interesting issues in OpenEMR leading to unauthenticated... 2023-3-1 04:52:8 | 阅读: 16 | 收藏 | DAY[0] - dayzerosec.com sequelize payload feathers injection bypass

190 - Fuzzing cURL, Netatalk, and an Emulator Escape 22 February 2023Show Notes 00:00:27Spot the Vuln - Ins... 2023-2-23 08:49:47 | 阅读: 18 | 收藏 | DAY[0] - dayzerosec.com memory joke overflows escaping