Generating Proof-Of-Vulnerability Tests to Help Enhance the Security of Complex Software
Developers create modern software applications (Apps) on top of third-party libraries (Libs). When library vulnerabilities are reachable through application code, the applications can be vulnerable to software supply chain attacks. Prior work shows that developers often require concrete and executabl...
Toward Scalable Automated Repository-Level Datasets for Software Vulnerability Detection
Software vulnerabilities continue to grow in volume and remain difficult to detect in practice. Although learning-based vulnerability detection has progressed, existing benchmarks are largely function-centric and fail to capture realistic, executable, interprocedural settings. Recent repo-level...
Execution-State-Aware LLM Reasoning for Automated Proof-Of-Vulnerability Generation
Proof-of-Vulnerability (PoV) generation is a critical task in software security, serving as a cornerstone for vulnerability validation, false positive reduction, and patch verification. While directed fuzzing effectively drives path exploration, satisfying complex semantic constraints remains a...
PBFuzz: Agentic Directed Fuzzing for PoV Generation
Proof-of-Vulnerability (PoV) input generation is a critical task in software security and supports downstream applications such as path generation and validation. Generating a PoV input requires solving two sets of constraints: (1) reachability constraints for reaching vulnerable code locations, and ...
Evaluating LLMs for One-Shot Patching of Real and Artificial Vulnerabilities
Automated vulnerability patching is crucial for software security, and recent advancements in Large Language Models (LLMs) present promising capabilities for automating this task. However, existing research has primarily assessed LLMs using publicly disclosed vulnerabilities, leaving their...
FaultLine: Automated Proof-Of-Vulnerability Generation Using LLM Agents
Despite the critical threat posed by software security vulnerabilities, reports are often incomplete, lacking the proof-of-vulnerability (PoV) tests needed to validate fixes and prevent regressions. These tests are crucial not only for ensuring patches work, but also for helping developers understa...
Exploit for Deserialization of Untrusted Data in Alibaba Fastjson
json.org CVE-2022-45688 true & false positive WTF ?? The p...
Exploit for Out-of-bounds Write in Hutool
json.org CVE-2022-45688 false positive The project contains...
Stagefrightened?
Posted by Mark Brand, Bypasser of Mitigations There’s been a lot of attention recently around a number of vulnerabilities in Android’s libstagefright. There’s been a lot of confusion about the remote exploitability of the issues, especially on modern devices. In this blog post we will demonstrate...
A generic injection in a library management system
Brief description: as per the title. Detailed description: http://www.infosea.com.cn/yonghu.html 北京清大新洋科技有限公司 Injection file: opac/dzxxxgjg.jsp Test cases: http://124.207.106.138:8070/opac/dzxxxgjg.jsp txdz=88952634&yzbm=88952634&dhhm=88952634&dzyj=88952634&dztm=88952634 http://218.241.174.148:8070/opac/dzxxxgjg.jsp...
A Yonyou system has a generic remote code execution vulnerability
Brief description: Detailed description: Yonyou e-Learning 2.0 learning management system. Search signature: inurl:lmsv5/login!loginIndexPage.action Online instances: http://58.214.233.113:8800/lmsv5/login!loginIndexPage.action http://60.216.4.162:9091/lmsv5/login!loginIndexPage.action http://139.210.99.46:8080/lmsv5/login!loginIndexPage.action HTTP message signature. Crawled directory signature: attestionuserfil...