Solr服务器上的“花式”远程代码执行(RCE)
从盲SSRF到RCE:如何在Solr服务器上实现数据篡改和代码执行!
Aggregator
.NET 2025年3月份红队武器库和资源汇总
8 months 2 weeks ago
.NET 安全攻防知识交流社区
8 months 2 weeks ago
.NET 内网实战:通过 slui.exe 绕过 UAC 实现提权
8 months 2 weeks ago
arya: produces pseudo-malicious files meant to trigger YARA rules
8 months 2 weeks ago
Arya – The Reverse YARA Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it as a reverse YARA because it does exactly the opposite...
The post arya: produces pseudo-malicious files meant to trigger YARA rules appeared first on Penetration Testing Tools.
ddos
pphack: The Most Advanced Client-Side Prototype Pollution Scanner
8 months 2 weeks ago
pphack is a CLI tool for scanning websites for client-side prototype pollution vulnerabilities. Feature Fast (concurrent workers) Default payload covers a lot of cases Payload and Javascript customization Proxy-friendly Support output in a file...
The post pphack: The Most Advanced Client-Side Prototype Pollution Scanner appeared first on Penetration Testing Tools.
ddos
OA系统漏洞致使数据泄露,青海一公司被罚5万元
8 months 2 weeks ago
青海省开出首张网络数据安全“罚单”
OA系统漏洞致使数据泄露,青海一公司被罚5万元
8 months 2 weeks ago
青海省开出首张网络数据安全“罚单”
OA系统漏洞致使数据泄露,青海一公司被罚5万元
8 months 2 weeks ago
青海省开出首张网络数据安全“罚单”
CVE-2024-40711&CVE-2025-23120 Veeam Backup .NET 二次反序列化触发及绕过分析
8 months 2 weeks ago
非常经典的 .NET 二次反序列化漏洞以及 Bypass 黑白名单的思路分析。
CVE-2024-40711&CVE-2025-23120 Veeam Backup .NET 二次反序列化触发及绕过分析
8 months 2 weeks ago
非常经典的 .NET 二次反序列化漏洞以及 Bypass 黑白名单的思路分析。
CVE-2024-40711&CVE-2025-23120 Veeam Backup .NET 二次反序列化触发及绕过分析
8 months 2 weeks ago
非常经典的 .NET 二次反序列化漏洞以及 Bypass 黑白名单的思路分析。
CVE-2024-40711&CVE-2025-23120 Veeam Backup .NET 二次反序列化触发及绕过分析
8 months 2 weeks ago
非常经典的 .NET 二次反序列化漏洞以及 Bypass 黑白名单的思路分析。
CVE-2024-40711&CVE-2025-23120 Veeam Backup .NET 二次反序列化触发及绕过分析
8 months 2 weeks ago
非常经典的 .NET 二次反序列化漏洞以及 Bypass 黑白名单的思路分析。
CVE-2024-40711&CVE-2025-23120 Veeam Backup .NET 二次反序列化触发及绕过分析
8 months 2 weeks ago
非常经典的 .NET 二次反序列化漏洞以及 Bypass 黑白名单的思路分析。
CVE-2024-40711&CVE-2025-23120 Veeam Backup .NET 二次反序列化触发及绕过分析
8 months 2 weeks ago
非常经典的 .NET 二次反序列化漏洞以及 Bypass 黑白名单的思路分析。
Daily Dose of Dark Web Informer - 29th of March 2025
8 months 2 weeks ago
This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.
Dark Web Informer - Cyber Threat Intelligence
CVE-2024-34095 | Adobe Acrobat Reader up to 20.005.30574/24.002.20736 use after free (apsb24-29)
8 months 2 weeks ago
A vulnerability classified as critical was found in Adobe Acrobat Reader up to 20.005.30574/24.002.20736. This vulnerability affects unknown code. The manipulation leads to use after free.
This vulnerability was named CVE-2024-34095. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-34096 | Adobe Acrobat Reader up to 20.005.30574/24.002.20736 use after free (apsb24-29)
8 months 2 weeks ago
A vulnerability, which was classified as critical, has been found in Adobe Acrobat Reader up to 20.005.30574/24.002.20736. This issue affects some unknown processing. The manipulation leads to use after free.
The identification of this vulnerability is CVE-2024-34096. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-34097 | Adobe Acrobat Reader up to 20.005.30574/24.002.20736 use after free (apsb24-29)
8 months 2 weeks ago
A vulnerability, which was classified as critical, was found in Adobe Acrobat Reader up to 20.005.30574/24.002.20736. Affected is an unknown function. The manipulation leads to use after free.
This vulnerability is traded as CVE-2024-34097. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com