227 - Kubernetes Code Exec and There Is No Spoon Honestly, this is a simple bug, a react website, wiht sourc... 2023-11-28 21:0:0 | 阅读: 12 | 收藏 | DAY[0] - dayzerosec.com ingress lua copying attacker served

226 - A Heap of Linux Bugs One vulnerability a use-after-free in the Linux nftable sub... 2023-11-23 02:10:45 | 阅读: 11 | 收藏 | DAY[0] - dayzerosec.com compound memory folio contiguous buffers

225 - Prompting for Secrets and Malicious Extensions There is a lot going on in this post, the novel aspect are... 2023-11-21 21:0:0 | 阅读: 12 | 收藏 | DAY[0] - dayzerosec.com chrome motw bypasses chromeos

224 - A Bundle of Windows Bugs Simple off-by-one issue, the application parses the H... 2023-11-15 21:0:0 | 阅读: 11 | 收藏 | DAY[0] - dayzerosec.com numattrs overflow attacker apparent unknowingly

223 - Usurping Mastodon and Broken Signature Schemes Normalization gone wrong, Mastodon, when attempting to normali... 2023-11-14 21:0:0 | 阅读: 13 | 收藏 | DAY[0] - dayzerosec.com malformed firmware attacker akami poisoning

222 - MTE Debuts, DNS Client Exploits, and iTLB Additional Links: https://www.tacitosecurity.com/ekoparty2023.pdf ... 2023-11-8 21:0:0 | 阅读: 18 | 收藏 | DAY[0] - dayzerosec.com

221 - Attacking OAuth, Citrix, and some P2O Drama What happens when you don’t properly validate OAuth access... 2023-11-7 20:0:0 | 阅读: 17 | 收藏 | DAY[0] - dayzerosec.com dicom snprintf implicit openid memory

220 - Windows Kernel Bugs, Safari Integer Underflow, and CONSTIFY Not Found :( Home Page ... 2023-10-24 20:0:0 | 阅读: 15 | 收藏 | DAY[0] - dayzerosec.com

219 - Rapid Reset, Attacking AWS Cognito, and Confluence Bugs Rapid Reset is a Denial of Service (DOS) attack that abuses the HTTP/2 RST_STREAM frames functi... 2023-10-23 20:0:0 | 阅读: 21 | 收藏 | DAY[0] - dayzerosec.com cognito frames attacker uint8array client

218 - A Chrome RCE, WebP 0day, and glibc LPE A rather complex-bug to trigger that was found being exploi... 2023-10-11 07:45:0 | 阅读: 20 | 收藏 | DAY[0] - dayzerosec.com tunables huffman tunable overflow segments

217 - Insecure Firewalls, MyBB, and Winning with WinRAR A fairly simple processing bug in WinRAR resulting in code execut... 2023-10-10 19:45:0 | 阅读: 23 | 收藏 | DAY[0] - dayzerosec.com trimmed redos fairly

216 - Busted Stack Protectors, MTE, and AI Powered Fuzzing A bit of an unexpected fault in GCC’s -fstack-protector implementation that meant that the save... 2023-9-27 19:45:0 | 阅读: 17 | 收藏 | DAY[0] - dayzerosec.com overflow protector locals aarch64 allocations

215 - DEF CON, HardwearIO, Broken Caching, and Dropping Headers The title gives this one away, the header(...)... 2023-9-26 19:45:51 | 阅读: 13 | 收藏 | DAY[0] - dayzerosec.com parentid attacker uploadid sanitized sharefile

Spot the Vuln Shirt (Solutions) Unfortunately, we will not be directly selling these shirts, but I have another pos... 2023-7-7 14:55:30 | 阅读: 40 | 收藏 | DAY[0] - dayzerosec.com integers compliment multiplied attacker converted

Spot the Vuln Shirt (DIY) Unfortunately, we will NOT be selling the "Spot the Vuln" shirts we mentioned on th... 2023-7-7 12:42:33 | 阅读: 24 | 收藏 | DAY[0] - dayzerosec.com shirt vuln shirts spot producer

214 - Exploiting VMware Workstation and the Return of CSG0-Days Additional Links:https://bugs.chromium.org/p/project-zero/issues/detail?id=240... 2023-5-25 07:56:44 | 阅读: 28 | 收藏 | DAY[0] - dayzerosec.com chromium 240

213 - Jellyfin Exploits and TOCTOU Spellcasting Two vulnerabilities in Jellyfin, which is a media server fork of Emby. They focused on the REST... 2023-5-24 03:50:18 | 阅读: 36 | 收藏 | DAY[0] - dayzerosec.com encoder attacker similarly emby

212 - Attacking VirtualBox and Malicious Chess Two vulns in VirtualBox, an Out-of-Bounds (OOB) write in the TPM module and an OOB read in VGA.... 2023-5-18 07:49:24 | 阅读: 34 | 收藏 | DAY[0] - dayzerosec.com oob vga tpm mmio virtualbox

211 - OverlayFS to Root and Parallels Desktop Escapes An attack that confuses security tooling into an insecure action.... 2023-5-17 03:47:52 | 阅读: 27 | 收藏 | DAY[0] - dayzerosec.com zendesk vuln attacker repository github

210 - TPMs and Baseband Bugs Home Blog Podcast Vulns About Us Contact... 2023-5-11 07:52:31 | 阅读: 21 | 收藏 | DAY[0] - dayzerosec.com chromium baseband vuln twitch