A command-line Windows API tracing tool for Golang binaries. Note: This tool is a PoC and a work-in-progress prototype, so please treat it as such. Feedback is always welcome! How it works? Although ...
May 06, 2024
Qualys is re-defining attack surface management with CyberSecurity Asset Management (CSAM) 3.0, expanding the most comprehensive attack surface coverage on the market to include patent-pending EASM di ...
May 06, 2024
Content-ID based embedding of resources in E-Mails could be abused to trigger client-side script code when using the "show more" option. Attackers could perform malicious API request ...
May 06, 2024
E-Mail containing malicious display-name information could trigger client-side script execution when using specific mobile devices. Attackers could perform malicious API requests or extract informatio ...
May 06, 2024
Maliciously crafted E-Mail attachment names could be used to temporarily execute script code in the context of the user's browser session. Common user interaction is required for the vulnerability to t ...
May 06, 2024
In Apache ActiveMQ 6.x, the default configuration doesn't secure the API web context (where the Jolokia JMX REST API and the Message REST API are located). It means that anyone can use these layer ...
May 04, 2024
An issue was discovered in Bouncy Castle Java Cryptography APIs before BC 1.78. When endpoint identification is enabled in the BCJSSE and an SSL socket is created without an explicit hostname (as happ ...
May 04, 2024
Apache ActiveMQ is vulnerable to Improper Access Control. The vulnerability is due to a default configuration which does not secure the API web context, allowing unrestricted use of the Jolokia JMX RE ...
May 03, 2024