GL.iNet Unauthenticated Remote Command Execution Exploit

A command injection vulnerability exists in multiple GL.iNet network products, allowing an attacker to inject and execute arbitrary shell commands via JSON parameters at the gl_system_log and gl_crash ...

GL.iNet Unauthenticated Remote Command Execution

CVE-2023-36177

An issue discovered in badaix Snapcast version 0.27.0 allows remote attackers to execute arbitrary code and gain sensitive information via a crafted request in ...

tRPC vs GraphQL

Deciphering the Cloud Conundrum: An Introduction to tRPC & GraphQL. The dynamic domain of cloud technology presents a couple of instrumental methodologies in the arena of APIs: tRPC and GraphQL ...

Privilege escalation

A vulnerability was found in uTorrent. It has been rated as critical. Affected by this issue is some unknown functionality of the component JSON RPC Server. The manipulation leads to privilege escalat ...

Theft of ETH that was not used for successful execution of orders in non-atomic execution

[Lines of code](https://github.com/code-423n4/2022-11-looksrare/blob/f4c90ca149f4aeeac125605a56166297b717201a/contracts/LooksRareAggregator.sol#L51) # Vulnerability details ## Description There is a ...

Theft of ETH that was not used for the successful execution of orders

[Lines of code](https://github.com/code-423n4/2022-11-non-fungible/blob/main/contracts/Exchange.sol#L168) # Vulnerability details ## Description There are execute and bulkExecute functions in Exchan ...

Internet Bug Bounty: CVE-2023-40195: Apache Airflow Spark Provider Deserialization Vulnerability RCE

Apache Airflow Spark Provider. After the malicious Spark server address is configured through the connections of the Airflow UI interface, attackers exploit malicious servers to manipulate pyspark cli ...
