使用前端技术破解掘金滑块验证码 Please wait... ... 2024-6-6 14:39:14 | 阅读: 10 | 收藏 | Sec-News 安全文摘 - govuln.com

Check Point - Wrong Check Point (CVE-2024-24919) Gather round, gather round - it’s time for another blogpost tearing open an SSLVPN appl... 2024-6-5 23:27:59 | 阅读: 16 | 收藏 | Sec-News 安全文摘 - govuln.com 99999 19872 security appliance mycrl

使用Coze平台对Github Star项目进行分析推送 2024-6-4 22:59:33 | 阅读: 19 | 收藏 | Sec-News 安全文摘 - govuln.com coze github 模型 数据 信息

Molding lies into reality || Exploiting CVE-2024-4358 Progress made a mistake and published an advisory for a deserialization bug with CVSS 9.9 even thoug... 2024-6-4 11:17:14 | 阅读: 25 | 收藏 | Sec-News 安全文摘 - govuln.com telerik deserialize xmlreader

CVE-2024-2961：将php://filter任意文件读取提升为远程代码执行（RCE） 0x00  前言前几天p牛师傅在星球发了一个帖子：PHP利用glibc iconv()中的一个缓冲区溢出漏洞CVE-2024-2961，实现将文件读取提升为任意命令执行漏洞，当时觉得这个漏洞蛮有意思... 2024-6-4 10:23:9 | 阅读: 122 | 收藏 | Sec-News 安全文摘 - govuln.com php 缓冲区 漏洞 数据 aliyun

Real World CTF 6th Router4 writeup …前言这次 RWCTF 就准备了一个题目: 「Router4」, 一共有三个队伍在比赛期间做了出来，... 2024-6-3 21:57:37 | 阅读: 17 | 收藏 | Sec-News 安全文摘 - govuln.com tokenizer 分词 分词器 fts3 漏洞

Aj-report 二次就业 微信公众号：黑伞安全关注可了解更多的网络安全技术分享。如有问题或建议，请公众号留言;如果你觉得挖不到src漏洞，希望黑伞安全知识星球对你有帮助，欢迎加入[1]内容目录aj-report 二次就业0x0... 2024-6-3 18:53:18 | 阅读: 30 | 收藏 | Sec-News 安全文摘 - govuln.com gaea anjiplus jsonobject reportshare dto

pen4uin/java-memshell-generator: 一款支持高度自定义的 Java 内存马生成工具 2024-6-1 17:6:2 | 阅读: 20 | 收藏 | Sec-News 安全文摘 - govuln.com grade security github copilot codespaces

Diving deep into Jetbrains TeamCity Part 1 - Analysing CVE-2024-23917 leading to Authentication Bypass May 27, 2024 •javaThis article aims to explore the details of CVE-2024-23917 and explain the p... 2024-5-31 22:39:26 | 阅读: 11 | 收藏 | Sec-News 安全文摘 - govuln.com jetbrains buildserver teamcity

Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks Microsoft has identified a new North Korean threat actor, now tracked as Moonstone Sleet... 2024-5-29 15:29:30 | 阅读: 8 | 收藏 | Sec-News 安全文摘 - govuln.com sleet moonstone microsoft malicious north

Smuggler’s Gambit: Uncovering HTML Smuggling Adversary in the Middle Tradecraft tl;drHuntress uncovered the infrastructure of a mass phishing campaign including potentially novel t... 2024-5-29 15:28:49 | 阅读: 8 | 收藏 | Sec-News 安全文摘 - govuln.com payload rnsnno victim hxxps phishing

Hacking NASA: Critical SSRF + Subdomain Takeover + XSS 2024-5-29 15:26:40 | 阅读: 9 | 收藏 | Sec-News 安全文摘 - govuln.com

Iconv, set the charset to RCE: Exploiting the glibc to hack the PHP engine (part 1) A few months ago, I stumbled upon a 24 years old buffer overflow in the glibc, the base library for... 2024-5-28 10:54:57 | 阅读: 15 | 收藏 | Sec-News 安全文摘 - govuln.com iconv php 855 utf7 buckets

Windows 与 Java 环境下的 Redis 利用分析 error code: 521... 2024-5-27 18:38:39 | 阅读: 7 | 收藏 | Sec-News 安全文摘 - govuln.com 521

通过 Java Fuzzing 挖掘 Nexus Repository 3 目录穿越漏洞 (CVE-2024-4956) 通过 Java Fuzzing 挖掘 Nexus Repository 3 目录穿越漏洞 (CVE-2024-4956)前言很久之前和朋友一起挖某 SRC 的时候遇到过开放在公网的 Nexus 仓... 2024-5-27 16:56:38 | 阅读: 65 | 收藏 | Sec-News 安全文摘 - govuln.com jetty eclipse dofilter nexus shiro

Electron Math: 8 Million User Note App Stored XSS -> RCE bypassing nodeintegration via preload.js in electron This very interesting finding actually start on a Youtube Video -> How Microsoft Accidentally Back... 2024-5-27 16:44:28 | 阅读: 18 | 收藏 | Sec-News 安全文摘 - govuln.com attachment renderer webpack

Modern WAF Bypass Techniques on Large Attack Surfaces 2024-5-27 14:58:43 | 阅读: 5 | 收藏 | Sec-News 安全文摘 - govuln.com

Getting XXE in Web Browsers using ChatGPT A year ago, I wondered what a ma... 2024-5-23 01:18:40 | 阅读: 30 | 收藏 | Sec-News 安全文摘 - govuln.com xsl stylesheet chrome ent passwd

CVE-2024-4367 - Arbitrary JavaScript execution in PDF.js 2024-5-21 10:43:37 | 阅读: 11 | 收藏 | Sec-News 安全文摘 - govuln.com

我对AI大模型安全的一些探索 2024-5-21 10:19:0 | 阅读: 7 | 收藏 | Sec-News 安全文摘 - govuln.com