Monero daemon (monerod) does not limit Content-length variable when processing incoming HTTP requests. We can force monerod to allocate arbitrary amount of memory. How to reproduce: 1) compile monero ...
Continue Reading
October 09, 2022
Microsoft has observed the Sliver command-and-control (C2) framework now being adopted and integrated in intrusion campaigns by [nation-state threat actors](), cybercrime groups directly supporting [r ...
Continue Reading
August 24, 2022
Microsoft has observed the Sliver command-and-control (C2) framework now being adopted and integrated in intrusion campaigns by [nation-state threat actors](), cybercrime groups directly supporting [r ...
Continue Reading
August 24, 2022
An update that fixes three vulnerabilities is now available. Description: This update for trivy fixes the following issues: Update to version 0.30.4: * fix: remove the first arg when running ...
Continue Reading
August 20, 2022
This module exploit a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication, impersonating as the admin (CVE-2021-26855) and write arbitrary file (CVE-2021-27 ...
Continue Reading
June 24, 2022
OnionOS login scanner module for Onion Omega2 devices.Read More ...
Continue Reading
June 24, 2022
Apache Dubbo prior to 2.6.9 and 2.7.10 by default supports generic calls to arbitrary methods exposed by provider interfaces. These invocations are handled by the GenericFilter which will find the ser ...
Continue Reading
June 23, 2022
Just like everything else, the world of API protocols is evolving. Typical [SOAP]() and REST APIs have many companies like GraphQL, gRPC, and Thrift. JSON-RPC is also on the list. Created to develop f ...
Continue Reading
June 23, 2022
Back to Main
