Aggregator

Pwn入门之格式化字符串漏洞

Tide安全团队

8 months 1 week ago

在格式化字符串漏洞中，我们所读取的格式化字符串都是在栈上，这是由所读取的格式化字符串的特性决定的，是某个函数的局部变量，而栈的作用就是用于存储局部变量和函数调用信息。

Pwn入门之格式化字符串漏洞

不安全

8 months 1 week ago

声明：Tide安全团队原创文章，转载请声明出处！文中所涉及的技术、思路和工具仅供以安全为目的的学习交流使用，任何人不得将其用于非法用途给予盈利等目的，否则后果自行承担！技术永无止境一声晴空霹雳，鸽王再

How safe is posting on forums on the darkweb?

不安全

8 months 1 week ago

CVE-2024-13283 | Drupal Facets up to 2.0.8 cross site scripting

Vuldb Updates

8 months 1 week ago

A vulnerability was found in Drupal Facets up to 2.0.8. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-13283. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

PEAKLIGHT: слоёный пирог из обфускации парализует защиту корпоративных сетей

Securitylab.ru

8 months 1 week ago

Автоматизированная система заражения гибко подстраивается под любые механизмы безопасности.

Exploiting SSTI in a Modern Spring Boot Application (3.3.4)

不安全

8 months 1 week ago

WASP-166 b: планета-аномалия нарушает все законы формирования атмосфер

Securitylab.ru

8 months 1 week ago

Астрономы ломают голову над формулой необычной газовой оболочки.

Self-changing Data Type - CVE-2024-40676 漏洞分析

不安全

8 months 1 week ago

error code: 521

Self-changing Data Type - CVE-2024-40676 漏洞分析

Seebug Paper

8 months 1 week ago

作者：canyie 原文链接：https://blog.canyie.top/2024/11/07/self-changing-data-type/ 今年 10 月份的时候，Android 安全公告用 CVE-2024-40676 的编号公布了一个很奇怪的 patch。 AccountManagerService checkKeyIntent() 负责检查 account authent...