unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
177 - Web Hackers vs. Cars and a Facebook Account Takeover
A total of either issues impacting various companies in the automotive industry, mix of issues...
2023-1-11 04:45:44 | 阅读: 33 |
收藏
|
DAY[0] - dayzerosec.com
sso
totp
username
mercedes
injection
176 - JS Type Confusions and Bringing Back Stack Attacks
A JIT optimization based type confusion in jscript9. The ro...
2022-12-15 08:45:19 | 阅读: 25 |
收藏
|
DAY[0] - dayzerosec.com
int32array
mntn
smc
memory
anon
175 - Pwn2Own Bugs and WAF Bypasses
Two vulns in Netgear RAX30 routers that were patched 2 days...
2022-12-14 04:45:32 | 阅读: 37 |
收藏
|
DAY[0] - dayzerosec.com
injection
bypass
integers
attacker
cloud
174 - A Huawei Hypervisor Vuln and More Memory Safety
An interesting vulnerability in Huawei’s security hypervisor which Huawei devices use to protec...
2022-12-8 08:45:21 | 阅读: 8 |
收藏
|
DAY[0] - dayzerosec.com
hypervisor
memory
hv
pagetable
allocator
173 - Remotely Controlling Hyundai and a League of Legends XSS
The core vulnerability here is a case where a DOM clobberin...
2022-12-7 07:13:3 | 阅读: 24 |
收藏
|
DAY[0] - dayzerosec.com
attacker
easyxdm
remote
referrer
loaded
172 - Patch Gaps and Apple Neural Engine Vulns
An out-of-bounds write in the ZinComputeProgramGetNamesFromMultiPlaneLinear() and ZinCompute...
2022-12-1 08:45:18 | 阅读: 19 |
收藏
|
DAY[0] - dayzerosec.com
planes
ane
fetched
171 - Tailscale RCE, an SQLi in PAM360, and Exploiting Backstage
A number of bugs in Tailscale leading to an RCE chain.So many b...
2022-11-30 03:45:20 | 阅读: 16 |
收藏
|
dayzerosec.com
localapi
peerapi
attacker
plane
backstage
170 - Hacking Pixel Bootloaders and Injecting Bugs
A timing-based side-channel in the CHECK_DATA Device Configuration Data could allow the valu...
2022-11-24 08:45:35 | 阅读: 10 |
收藏
|
dayzerosec.com
timing
mcu
cores
glitched
169 - Racing Grafana, Stealing Mastadon Passwords, and Cross-Site Tracing
Bypassing an authentication check in AWS AppSync by changing the...
2022-11-23 04:45:20 | 阅读: 14 |
收藏
|
dayzerosec.com
appsync
arn
memory
verbs
abbr
168 - Exploiting Undefined Behavior and a Chrome UAF
No specific issue here just talking about what divergent representations are. A divergent re...
2022-11-17 07:45:31 | 阅读: 8 |
收藏
|
dayzerosec.com
divergent
semantics
concrete
wiht
167 - Bypassing Pixel Lock Screens and Checkmk RCE
Bit of a race condition leading to a lock screen bypass on Pixel devices.The process of explo...
2022-11-16 04:45:59 | 阅读: 13 |
收藏
|
dayzerosec.com
attacker
injection
puk
lql
bypass
166 - OpenSSL Off-by-One, Java XML Bugs, and an In-the-Wild Samsung Chain
Off-by-one issue as the bounds check if (written_out > max_out) will continue for one extra ite...
2022-11-10 08:45:12 | 阅读: 10 |
收藏
|
dayzerosec.com
samsung
clipboard
attacker
decon
xslt
165 - Apache Batik, Static Site Generators, and an Android App Vuln
A somewhat simple security control bypass in Apache Batik’s Defau...
2022-11-9 05:0:27 | 阅读: 11 |
收藏
|
dayzerosec.com
attacker
gitlab
repository
ssrf
somewhat
164 - XNU’s kalloc_type, Stranger Strings, and a NetBSD Bug
Fairly straightforward refcount leak bug in the...
2022-11-3 07:45:36 | 阅读: 9 |
收藏
|
dayzerosec.com
overflow
somewhat
destroyed
passes
calculating
163 - A Galaxy Store Bug, Facebook CSRF, and Google IDOR
There seems to be a lot of gaps in this writeup, but to the...
2022-11-2 03:45:24 | 阅读: 13 |
收藏
|
dayzerosec.com
chunked
galaxystore
straight
captcha
download
162 - Edge Vulns, a SHA-3 Overflow, and an io_uring Exploit
Multiple memory corruptions in Microsoft Edge browser, t...
2022-10-27 07:45:15 | 阅读: 9 |
收藏
|
dayzerosec.com
dialog
corruptions
closing
overflow
cue
161 - XMPP Stanza Smuggling in Jabber and a Cobalt Strike RCE
A vuln where ultimately untrusted input can make its way into eva...
2022-10-26 03:45:57 | 阅读: 10 |
收藏
|
dayzerosec.com
attacker
perl
wordpress
routed
vuln
Previous
5
6
7
8
9
10
11
12
Next