Overview
Description
Statistics
- 2 Posts
- 1 Interaction
Bluesky
Overview
Description
Statistics
- 1 Post
Fediverse
Microsoft Update causing Print Spooler Problems - CVE-2019-1367 | https://techygeekshome.info/cve-2019-1367/?fsp_sid=40138 | #Guide #Microsoft #News #security #Updates #Windows
https://techygeekshome.info/cve-2019-1367/?fsp_sid=40138
Overview
- cryptomator
- cryptomator
Description
Statistics
- 1 Post
Overview
- composer
- composer
Description
Statistics
- 1 Post
Fediverse
Composer (the dominant PHP package manager) shipped 2.9.6 and 2.2.27 LTS in April. The release fixes two command-injection bugs in the Perforce driver. CVE-2026-40261, severity 8.8. A malicious composer.json declares a Perforce repository and the shell runs whether or not Perforce is installed. Packagist disabled Perforce metadata April 10. Most CI build agents kept no audit trail across the ninety days the bug was live.
Overview
Description
Statistics
- 1 Post
Fediverse
Remote Code Execution in Apache ActiveMQ
"By calling addNetworkConnector through Jolokia with a crafted URI, an attacker can chain these mechanisms together to force the broker to fetch and execute a remote Spring XML configuration file"
https://horizon3.ai/attack-research/disclosures/cve-2026-34197-activemq-rce-jolokia/
Overview
Description
Statistics
- 1 Post
Overview
- Dell
- Disk Library for mainframe DLm8700
Description
Statistics
- 1 Post
Fediverse
MEDIUM severity SSRF (CVE-2026-23773) found in Dell DLm8700 📢. Low-priv remote attackers can trigger server-side requests. No known exploits, no patch yet — restrict access & follow vendor advisories. https://radar.offseq.com/threat/cve-2026-23773-cwe-918-server-side-request-forgery-08701a02 #OffSeq #SSRF #Dell #Cybersecurity
Overview
Description
Statistics
- 1 Post
Fediverse
Want to know how a “small” WebAssembly issue can become a big security problem?
In our new article, SSD Labs researcher, Aaron Cho, analyzes CVE-2024-12053. An arbitrary WebAssembly type confusion vulnerability leading to an RCE. Read about it here: https://ssd-disclosure.com/webassembly-canonical-vs-relative-type-index-confusion-leading-to-rce/
Overview
- Microsoft
- Windows 11 version 21H2
Description
Statistics
- 1 Post
Fediverse
Exploiting Reversing (ER) series: article 09 | Exploitation Techniques: CVE-2024-30085 (part 03)
Today I am releasing the nineth article in the Exploiting Reversing Series (ERS). In “Exploitation Techniques | CVE-2024-30085 (Part 09)” I provide a 106-page deep dive and a comprehensive roadmap for vulnerability exploitation:
https://exploitreversing.com/2026/04/28/exploiting-reversing-er-series-article-09/
Key features of this edition:
[+] Dual Exploit Strategies: Two distinct exploit editions built on the cldflt.sys heap overflow.
[+] PreviousMode Edition: Exploit cldflt.sys via WNF OOB + Pipe Attributes + ALPC + _KTHREAD.PreviousMode flip: elevation of privilege of a regular user to SYSTEM.
[+] PPL Bypass Edition: Exploit cldflt.sys via WNF OOB + PreviousMode flip + _EPROCESS.Protection strip + MiniDumpWriteDump: elevation of regular user to SYSTEM.
[+] Solid Reliability: Two complete, stable exploits, including a multi-step cleanup phase that restores the corrupted pipe attribute Flink and _KTHREAD.PreviousMode before process exit, preventing crash on cleanup.
This article guides you through two additional techniques for exploiting the CVE-2024-30085 Heap Buffer Overflow. While demonstrated here, these methods can be adapted as exploitation techniques for many other kernel targets.
I hope this serves as a definitive resource for your research. If you find it helpful, please feel free to share it or reach out with your feedback!
The following articles will continue the miniseries about iOS and Chrome, which are my areas of research.
Enjoy the reading and have an excellent day.
#exploit #exploitdevelopment #windows #exploitation #vulnerability #minifilterdriver #kernel #heapoverflow
Overview
- CrowdStrike
- LogScale Self-Hosted
Description
Statistics
- 1 Post