A look at an Android ITW DNG exploit

Posted by Benoît Sevens, Google Threat Intelligence Group Introduction Between July 2024 and February 2025, 6 suspicious image files were uploaded to VirusTotal. Thanks to a lead from Meta, these samples came to the attention of Google Threat Intelligence Group. Investigation of these images show...

Exploit for Expression Language Injection in Atlassian Confluence_Data_Center

CVE-2022-26134 -u URL, --url URL 目标url -c COMM...

CVE-2018-3838

An exploitable information vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2image-2.0.2. A specially crafted XCF image can cause an out-of-bounds read on the heap, resulting in information disclosure. An attacker can display a specially crafted image t...

Mao10CMS v3.1.0存储型xss

简要描述： rt 详细说明： 在发布文章处，插入xss代码 然后查看文章，直接执行了插入的js代码 在测试demo的时候被阿里云的防护拦截了 漏洞证明：...

BlackBerry Enterprise Servers vulnerable to TIFF Image based Exploit

If you are a BlackBerry Enterprise Network user, here is something you need to be careful about. BlackBerry Enterprise Server BES users have been warned that an image-based exploit could allow hackers to access and execute code on the servers used to support corporate users of BlackBerry...