9 matches found
NICE: A Framework for Declarative and Machine-Checkable Vulnerability Reproduction
Reproducing software vulnerabilities is fundamental to security researchers, open-source maintainers, and educators. Yet, vulnerabilities remain hard to reproduce today, and even when they can be reproduced, recreating a software environment where the vulnerability can be exploited becomes harder...
Exploit for Path Traversal in Gnu Mailman
🚨 CVE-2025-43919: Directory Traversal in GNU Mailman 2.1.39...
Exploit for NULL Pointer Dereference in Linux Linux_Kernel
DECPwn Practicing different Linux kernel exploitation techniqu...
Expert Analysis Reveals Cryptographic Weaknesses in Threema Messaging App
A comprehensive analysis of the cryptographic protocols used in the Swiss encrypted messaging application Threema has revealed a number of loopholes that could be exploited to break authentication protections and even recover users' private keys. The seven attacks span three different threat...
Semrush: Improper input validation in projects leads to fully deny access to project resources
INTRODUCTION Accounts used to search for this vulnerability: - id: █████████ email:███ - id: █████████ email: █████████ Most of the requests made to test the vulnerability were made with the "X-hackerone: adam" header IP used: ████ / ███ Endpoint URL:...
Microsoft Shells Out $100K for IoT Security
Microsoft has launched a bug-bounty program for its Azure Sphere offering, which is a security suite for the internet of things IoT that encompasses hardware, OS and cloud elements. The top reward will come in at $100,000. The Azure Sphere Security Research Challenge is an expansion of a program...
DEF CON 2018: Hacking Medical Protocols to Change Vital Signs
LAS VEGAS – In recent years there has been more attention paid to the security of medical devices; however, there has been little security research done on the unique protocols used by these devices. Many of the insulin pumps, heart monitors and other gadgets found in hospital rooms use aging...
Microsoft Graphics Remote Code Execution Vulnerability
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data...
setusercontext() privilege escalation in BSD systems
Multiple application misbihave if different limits are set via setusercontext, resulting in different exploitation scenarios...