275 - Path Confusion and Mixing Public/Private Keys

275 - Path Confusion and Mixing Public/Private Keys
本期播客讨论了多个安全议题，包括OOB读取漏洞、OpenID Connect中的密钥混淆问题、Nginx/Apache路径绕过认证漏洞（CVE-2025-0108）、高价值目标的客户端链攻击、苹果服务的安全审计以及GD32 MCU的读出保护绕过。 2025-3-3 12:0:0 Author: dayzerosec.com(查看原文) 阅读量:23 收藏

03 March 2025

Show Notes

The OOB Read zi Introduced

Mixing up Public and Private Keys in OpenID Connect deployments

Nginx/Apache Path Confusion to Auth Bypass in PAN-OS [CVE-2025-0108]

Hacking High-Profile Bug Bounty Targets: Deep Dive into a Client-Side Chain

Uncovering Apple Vulnerabilities: diskarbitrationd and storagekitd Audit Part 3

GigaVulnerability: readout protection bypass on GigaDevice GD32 MCUs

Attempted Research in PHP Class Pollution

文章来源: https://dayzerosec.com/podcast/275.html
如有侵权请联系:admin#unsafe.sh