Ed: Physical Laptop Takeover

At 6:16PM of August 11th of 2018, during H1-702, right before the sand storm beat the shit out of the rooftop party, we managed to perform a critical attack on Ed's infrastructure. F332214 Report Summary During our analysis and reconnaissance of how Ed program worked during the h1-702 event, we...

VulnCheck KEV: CVE-2002-1689

Unknown vulnerability in the login program on AIX before 4.0 could allow remote users to specify 100 or more environment variables when logging on, which exceeds the length of a certain string, possibly triggering a buffer overflow...

LifeType version 1.1.2 Multiple Path Disclosure Vulnerabilities

netVigilance Security Advisory 8 LifeType version 1.1.2 Multiple Path Disclosure Vulnerabilities Description: LifeType is a Blogging platform built with PHP, designed with maximum customizability, speed and ease of use in mind. Due to program flaws it is possible for the remote attacker to disclo...

CVE-2000-1092

loadpage.cgi CGI program in EZshopper 3.0 and 2.0 allows remote attackers to list and read files in the EZshopper data directory by inserting a "/" in front of the target filename in the "file" parameter...