Diving deep into Jetbrains TeamCity Part 2 - Analysing CVE-2024-24942 leading to unauthenticated Path Traversal Dec 11, 2024 •java, aaThis article aims to explore the details of CVE-2024-249... 2024-12-12 14:58:6 | 阅读: 29 | 收藏 | Sec-News 安全文摘 - govuln.com swaggerui teamcity notnull

基于 llamafile 和 Continue 的本地AI代码助手 继“数字货币”和“区块链”之后，IT 业界目前最火的概念毫无疑问就是 “AI“ 了。些许值得庆幸的是，在经过一年多的发展后，名为 “AI” 实为 “LLM（... 2024-12-12 14:27:37 | 阅读: 14 | 收藏 | Sec-News 安全文摘 - govuln.com llamafile 模型 coder qwen2 gguf

New dog, old tricks: DaMAgeCard attack targets memory directly thru SD card reader Did I ever tell you what the de... 2024-12-12 14:19:54 | 阅读: 7 | 收藏 | Sec-News 安全文摘 - govuln.com dma pcie memory security mastering

Remote Code Execution with Spring Properties Recently a past student came to me with a very interesting unauthenticated vul... 2024-11-27 11:23:20 | 阅读: 12 | 收藏 | Sec-News 安全文摘 - govuln.com logfile logback

Chrome扩展攻击指南 首页 会员介绍... 2024-11-25 17:54:27 | 阅读: 9 | 收藏 | Sec-News 安全文摘 - govuln.com icp 20012251 审计

The Karma connection in Chrome Web Store Somebody brought to my attention that the Hide YouTube Shorts extension for Chrome... 2024-11-25 16:40:59 | 阅读: 21 | 收藏 | Sec-News 安全文摘 - govuln.com karma affiliate ltd malicious youtube

Exploiting File Writes in Hardened Node.js Environments …TL; DR在 Hexacon 2024 上关注到了这么一个议题 《Exploiting File... 2024-11-25 16:40:2 | 阅读: 8 | 收藏 | Sec-News 安全文摘 - govuln.com signum uv 数据 0x60

010editor 模板编写笔记 可以通过local关键字定义变量，这样的变量默认不会显示在模板窗口中，不过用户任然可以在窗口中点击右键菜单中的Show Local Variables来显示局部变量。format: 以某种进制格式显示... 2024-11-25 16:39:5 | 阅读: 8 | 收藏 | Sec-News 安全文摘 - govuln.com wchar ftell wstring hh yyyy

Introducing lightyear: a new way to dump PHP files read file error: read notes: is a directory... 2024-11-25 16:38:16 | 阅读: 17 | 收藏 | Sec-News 安全文摘 - govuln.com digit iconv 4a dechunk 5a

N1CTF24 PHP Master Writeup 0x01 介绍在刚刚过去的N1CTF24上，... 2024-11-12 19:48:15 | 阅读: 11 | 收藏 | Sec-News 安全文摘 - govuln.com php dataform 0x500 解释器 指令

Super Blind SQL Injection- $20000 bounty | Thousands of targets still vulnerable 2024-11-7 16:19:46 | 阅读: 6 | 收藏 | Sec-News 安全文摘 - govuln.com

构建无密码认证：passkey入门与Go实现 请点击上方蓝字TonyBai订阅公众号！传统的密码认证一直以来都是数字时代的主流身份验证方式。然而，用户常常选择易记的弱密码并重复使用，导致账号易受攻击。密码泄露、钓鱼攻击等安全问题层出不穷，超过80... 2024-11-7 16:18:4 | 阅读: 15 | 收藏 | Sec-News 安全文摘 - govuln.com passkey webauthn username 数据

CVE-2024-9264: Grafana Remote Code Execution via SQL Expressions In my previous blog post, I examined a File-Read vulnerability in Grafana, which was introduced in... 2024-11-7 16:16:55 | 阅读: 39 | 收藏 | Sec-News 安全文摘 - govuln.com reverse payload shellfs username duckdb

protectai/vulnhuntr: Zero shot vulnerability discovery using LLMs read file error: read notes: is a directory... 2024-10-22 23:4:15 | 阅读: 9 | 收藏 | Sec-News 安全文摘 - govuln.com llm vulnhuntr analysis gpt

nollium/CVE-2024-9264: Exploit for Grafana arbitrary file-read (CVE-2024-9264) read file error: read notes: is a directory... 2024-10-22 02:3:51 | 阅读: 34 | 收藏 | Sec-News 安全文摘 - govuln.com duckdb 9264 gr injection

Why Code Security Matters - Even in Hardened Environments Infrastructure hardening makes applications more resilient to attacks. These measures raise the bar... 2024-10-10 00:30:53 | 阅读: 5 | 收藏 | Sec-News 安全文摘 - govuln.com attackers uv yellow signum memory

Ruby-SAML / GitLab Authentication Bypass (CVE-2024-45409) IntroductionIn this blog post, we will analyze CVE-2024-45409, a critical vulnerabi... 2024-10-5 19:14:50 | 阅读: 42 | 收藏 | Sec-News 安全文摘 - govuln.com assertion digest signedinfo oasis digestvalue

Iconv, set the charset to RCE: Exploiting the glibc to hack the PHP engine 首页 会员介绍... 2024-10-4 16:34:37 | 阅读: 8 | 收藏 | Sec-News 安全文摘 - govuln.com icp 20012251 审计

Java Payload 生成框架的设计与实现 read file error: read notes: is a directory... 2024-9-30 14:21:49 | 阅读: 15 | 收藏 | Sec-News 安全文摘 - govuln.com payload github jndi ysomap

Clash 检测工具的原理 我在 /t/1076579 给出了 Clash 检测的在线工具，有评论希望我能说明以下其中的原理。对此比较感兴趣的，可以阅读一下本文。首先，需要了解两个术语：「同源策略」和「跨域资源共享」。... 2024-9-30 11:36:31 | 阅读: 32 | 收藏 | Sec-News 安全文摘 - govuln.com 端口 clash 浏览器 401 共享