unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
A Very Powerful Clipboard: Analysis of a Samsung in-the-wild exploit chain
Maddie Stone, Project ZeroNote: The three vulnerabilities discussed in this blog were all fixed in...
2022-11-4 23:50:0 | 阅读: 30 |
收藏
|
googleprojectzero.blogspot.com
decon
fence
ctl
samsung
signalfd
Gregor Samsa: Exploiting Java's XML Signature Verification
By Felix Wilhelm, Project ZeroEarlier this year, I discovered a surprising attack surface hidden de...
2022-11-2 19:41:0 | 阅读: 11 |
收藏
|
googleprojectzero.blogspot.com
u2
0xaa
xslt
xsltc
u1
RC4 Is Still Considered Harmful
By James Forshaw, Project ZeroI've been spending a lot of time researching Windows authentication i...
2022-10-28 03:48:0 | 阅读: 23 |
收藏
|
googleprojectzero.blogspot.com
encryption
client
md4
windows
The quantum state of Linux kernel garbage collection CVE-2021-0920 (Part I)
A deep dive into an in-the-wild Android exploit Guest Post by Xingyu Jin, Android Security Resea...
2022-8-11 07:0:0 | 阅读: 34 |
收藏
|
googleprojectzero.blogspot.com
inflight
scm
peek
candidates
recvmsg
2022 0-day In-the-Wild Exploitation…so far
Posted by Maddie Stone, Google Project Zero This blog post is an overview of a talk, “ 0-day I...
2022-6-30 21:0:0 | 阅读: 56 |
收藏
|
googleprojectzero.blogspot.com
analysis
security
attackers
windows
itw
The curious tale of a fake Carrier.app Posted by Ian Beer, Google Project Zero NOTE: This iss...
2022-6-24 00:1:0 | 阅读: 31 |
收藏
|
googleprojectzero.blogspot.com
dcp
scalar
blha
memory
setblock
An Autopsy on a Zombie In-the-Wild 0-day
Posted by Maddie Stone, Google Project Zero Whenever there’s a new in-the-wild 0-day disclosed...
2022-6-15 00:0:0 | 阅读: 23 |
收藏
|
googleprojectzero.blogspot.com
stateobject
frameloader
refactoring
Release of Technical Report into the AMD Security Processor
Posted by James Forshaw, Google Project Zero Today, members of Project Zero and the Google Clo...
2022-5-11 03:0:0 | 阅读: 24 |
收藏
|
googleprojectzero.blogspot.com
security
cloud
sev
snp
undertaken
The More You Know, The More You Know You Don’t Know
A Year in Review of 0-days Used In-the-Wild in 2021 Posted by Maddie Stone, Google Project Zero...
2022-4-20 00:6:0 | 阅读: 24 |
收藏
|
googleprojectzero.blogspot.com
attackers
security
exploited
memory
CVE-2021-1782, an iOS in-the-wild vulnerability in vouchers
Posted by Ian Beer, Google Project Zero This blog post is my analysis of a vulnerability explo...
2022-4-14 23:58:0 | 阅读: 20 |
收藏
|
googleprojectzero.blogspot.com
voucher
ivace
ivac
recipe
ivam
CVE-2021-30737, @xerub's 2021 iOS ASN.1 Vulnerability
Posted by Ian Beer, Google Project Zero This blog post is my analysis of a vulnerability found...
2022-4-8 00:8:0 | 阅读: 26 |
收藏
|
googleprojectzero.blogspot.com
asn1d
indefinite
asn1
constructed
nss
FORCEDENTRY: Sandbox Escape
Posted by Ian Beer & Samuel Groß of Google Project Zero We want to thank Citizen Lab for shari...
2022-4-1 00:0:0 | 阅读: 30 |
收藏
|
googleprojectzero.blogspot.com
nspredicate
nsxpc
library
commcenter
Racing against the clock -- hitting a tiny kernel race window
TL;DR: How to make a tiny kernel race window really large even on kernels without CONFIG_PREEMPT...
2022-3-25 04:51:0 | 阅读: 30 |
收藏
|
googleprojectzero.blogspot.com
6b
timing
clock
fget
5a
A walk through Project Zero metrics
Posted by Ryan Schoen, Project ZeroIn 2021, vendors took an average of 52 days to fix security vu...
2022-2-11 00:58:0 | 阅读: 31 |
收藏
|
googleprojectzero.blogspot.com
security
deadline
microsoft
grace
chrome
Zooming in on Zero-click Exploits
Posted by Natalie Silvanovich, Project Zero Zoom is a video conferencing platform that has gaine...
2022-1-19 01:28:0 | 阅读: 15 |
收藏
|
googleprojectzero.blogspot.com
mmr
client
attacker
ssb
rtp
Project Zero: Fuzzing ImageIO
Posted by Samuel Groß, Project ZeroThis blog post discusses an old type of issue, vulnerabilities...
2021-12-16 20:23:04 | 阅读: 24 |
收藏
|
googleprojectzero.blogspot.com
testheader
iio
imageio
library
A deep dive into an NSO zero-click iMessage exploit: Remote Code Execution
tag:blogger.com,1999:blog-4838136820032157985.comments2021-12-15T08:12:49.701-08:00Project Zerotavis...
2021-12-16 02:00:00 | 阅读: 38 |
收藏
|
googleprojectzero.blogspot.com
15t08
701
00project
A deep dive into an NSO zero-click iMessage exploit: Remote Code Execution
Posted by Ian Beer & Samuel Groß of Google Project Zero We want to thank Citizen Lab for shari...
2021-12-15 17:0:0 | 阅读: 7 |
收藏
|
googleprojectzero.blogspot.com
jbig2bitmap
jbig2
memory
segments
seg
This shouldn't have happened: A vulnerability postmortem
tag:blogger.com,1999:blog-4838136820032157985.comments2021-12-01T03:01:28.305-08:00Project Zerotavis...
2021-12-02 04:24:08 | 阅读: 17 |
收藏
|
googleprojectzero.blogspot.com
01t03
This shouldn't have happened: A vulnerability postmortem
Posted by Tavis Ormandy, Project Zero This is an unusual blog post. I normally write posts to...
2021-12-1 18:38:0 | 阅读: 21 |
收藏
|
googleprojectzero.blogspot.com
nss
mozilla
fuzzer
bigsig
pss
Previous
2
3
4
5
6
7
8
9
Next