| Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOS |
|
|
|
| Studying 0days: How we hacked Anki, the world's most popular flashcard app |
|
|
|
| CVE-2024-29511 – Abusing Ghostscript’s OCR device |
|
|
|
| Probllama: Ollama Remote Code Execution Vulnerability (CVE-2024-37032) – Overview and Mitigations |
|
|
|
| Preauth RCE on NVIDIA Triton Server |
|
|
|
| Devfile file write vulnerability in GitLab |
|
|
|
| Who are you? The Importance of Verifying Message Origins |
|
|
|
| I found 2 Zero-Days in popular Linux distros that includes Mint, Kali, Parrot |
|
|
|
| MobSF Remote code execution (via CVE-2024-21633) |
|
|
|
| Multiple Vulnerabilities In Extreme Networks ExtremeXOS |
|
|
|
| CVE-2023–4632: Local Privilege Escalation in Lenovo System Updater |
|
|
|
| LibreOffice Arbitrary File Write (CVE-2023-1883) |
|
|
|
| Avast Anti-Virus privileged arbitrary file create on virus restore (CVE-2023-1586) |
|
|
|
| Pimcore: One click, two security vulnerabilities |
|
|
|
| CS:GO: From Zero to 0-day |
|
|
|
| Avast Anti-Virus privileged arbitrary file create on virus quarantine (CVE-2023-1585 and CVE-2023-1587) |
|
|
|
| Breaking Docker Named Pipes SYSTEMatically: Docker Desktop Privilege Escalation – Part 2 |
|
|
|
| Pretalx Vulnerabilities: How to get accepted at every conference |
|
|
|
| Parallels Desktop Toolgate Vulnerability |
|
|
|
| Attacking .NET Web Services |
|
|
|
| A New Vector For “Dirty” Arbitrary File Write to RCE |
|
|
|
| Froxlor v2.0.6 Remote Command Execution (CVE-2023-0315) |
|
|
|
| Uploading the Webshell using filename of Content-Disposition Header Story! |
|
|
|
| CVE-2021-43444 to 43449: Exploiting ONLYOFFICE Web Sockets for Unauthenticated Remote Code Execution |
|
|
|
| 23000$ for Authentication Bypass & File Upload & Arbitrary File Overwrite |
|
|
|
writeups.xyz
/
Arbitrary File Write