209 - Bad Ordering, Free OpenAI Credits, and Goodbye Passwords? OpenAI would provide some free credits to a user once they... 2023-5-10 03:50:37 | 阅读: 36 | 收藏 | DAY[0] - dayzerosec.com bypass subdomain username jsonp

208 - A Timing Side-Channel for Kernel Exploitation and VR in the wake of Rust 00:09:21RCE in the Microsoft Windows DHCPv6 Service [CVE-2023-28231]This one i... 2023-5-4 07:54:46 | 阅读: 25 | 收藏 | DAY[0] - dayzerosec.com bunch microsoft windows dhcpv6 28231

207 - Git Config Injection and a Sophos Pre-Auth RCE A logic bug when dealing with the parsing of the git/.confi... 2023-5-3 03:50:52 | 阅读: 42 | 收藏 | DAY[0] - dayzerosec.com setuid privileged privileges setgid identifiers

206 - A Ghostscript RCE and a Windows Registry Bug A pretty classic string escaping bug in GhostScript,... 2023-4-27 07:48:55 | 阅读: 42 | 收藏 | DAY[0] - dayzerosec.com cmrenamekey memory spu subkeylists

205 - SecurePoint UTM, Chfn, and Docker Named Pipe Vulns Bit of an odd bug in the SecurityPoint UTM Firewall admin and use... 2023-4-26 03:50:31 | 阅读: 27 | 收藏 | DAY[0] - dayzerosec.com attacker deletion remote sessionid

Reversing the AMD Secure Processor (PSP) - Part 2: Cryptographic Co-Processor (CCP) 设计mysql数据表时，通常用户名、密码的类型为varchar或者char,可以利用Mysql varchar或char类型同数字比较的自动转换机制，构造最新过狗（安全狗V3.5.12048）新型万能... 2023-4-23 03:21:30 | 阅读: 48 | 收藏 | DAY[0] - dayzerosec.com ccp mmio ccp5 memtype psp

Reversing the AMD Secure Processor (PSP) - Part 1: Design and Overview AMD's Secure Processor (formerly known as Platform Security Processor or "PSP") is... 2023-4-18 06:46:30 | 阅读: 47 | 收藏 | DAY[0] - dayzerosec.com psp mmio abl syshub svc

204 - Glitching the Wii-U and Integer Overflows This article is about glitching the Wii-U’s read of One-Time Programmable (OTP) fuses into regi... 2023-4-13 08:30:0 | 阅读: 22 | 收藏 | DAY[0] - dayzerosec.com fuses glitch zeroes otp glitching

203 - Pentaho Pre-Auth RCE and Theft by CAN Injection Additional Links:https://github.com/elastic/synthetics-recorder/blob/v0.0.1-be... 2023-4-12 03:48:41 | 阅读: 34 | 收藏 | DAY[0] - dayzerosec.com l217 github synthetics recorder

202 - A SNIProxy Bug and a Samsung NPU Double Free Home Blog Podcast Vulns About Us Contact... 2023-4-6 07:53:33 | 阅读: 27 | 收藏 | DAY[0] - dayzerosec.com github sniproxy 2023show mast1c0re

201 - Bamboozling Bing and a Curl Gotcha When using curl, if the --data-raw argument starts with a @ it... 2023-4-5 03:54:39 | 阅读: 29 | 收藏 | DAY[0] - dayzerosec.com pollution attacker security privileged

200 - 200th Episode! Integer Bugs & Synthetic Memory Protections A high performance, but apparently low secur... 2023-3-30 10:25:22 | 阅读: 17 | 收藏 | DAY[0] - dayzerosec.com memory mappings exponent immutable keymst

200 Episodes of Dayzerosec With our 200th episode airing today, I thought it would be fun to go back and check... 2023-3-29 05:50:26 | 阅读: 21 | 收藏 | DAY[0] - dayzerosec.com episodes episode security longest

199 - Bypassing CloudTrail and Tricking GPTs Two CloudTrail logging vulnerabilities have been identified, invo... 2023-3-29 03:54:35 | 阅读: 24 | 收藏 | DAY[0] - dayzerosec.com otp aws242 sniff cloudtrail attacker

198 - TOCTOUs in Intel SMM and Shannon Baseband Bugs Effectively, a double-fetch vulnerability in Intel SMM’s SMI handler that could allow a local a... 2023-3-23 07:50:9 | 阅读: 24 | 收藏 | DAY[0] - dayzerosec.com privileged attacker memory smm utimately

197 - Popping Azure Web Services and Apollo Config Bugs When using the ssrfFilter library in conjunction with the Request... 2023-3-22 03:51:43 | 阅读: 32 | 收藏 | DAY[0] - dayzerosec.com library attacker truncate vuln bypass

196 - An OpenBSD overflow and TPM bugs Yet another case of bad syncronization or just performing operations in the wrong order. IIn th... 2023-3-16 07:55:45 | 阅读: 18 | 收藏 | DAY[0] - dayzerosec.com tpm isr ciphersize ipopt optlen

195 - Stealing Secrets with Security Advisories and CorePlague A nice use of the a CRLF Injection to exploit a seemingly unex... 2023-3-15 03:49:54 | 阅读: 21 | 收藏 | DAY[0] - dayzerosec.com jenkins attacker github forgot codespace

194 - Hacking the DSi and some Fuzzing Tips Additional Links: https://www.fuzzingbook.org/ ... 2023-3-9 08:50:52 | 阅读: 27 | 收藏 | DAY[0] - dayzerosec.com fuzzingbook

193 - ImageMagick, Cracking SmartLocks, and Broken OAuth Relatively straight forward oauth hijack/account takeover flow wi... 2023-3-8 04:49:19 | 阅读: 27 | 收藏 | DAY[0] - dayzerosec.com booking facebook jaas datahub