| From MLOps to MLOops: Exposing the Attack Surface of Machine Learning Platforms |
|
|
|
| How 1 Exposed Honeywell API Gave us Control Over an Internal Engineering System |
|
|
|
| How I Got Critical P2 Bug on Google VRP |
|
|
|
| Plug Security Holes in React Apps That Can Lead to API Exploitation |
|
|
|
| ElasticSearch Smash & Grab |
|
|
|
| SAPwned: SAP AI vulnerabilities expose customers’ cloud environments and private AI artifacts |
|
|
|
| Dynamics 365 Business Central - A Journey With Ups and Downs |
|
|
|
| 17 vulnerabilities in Sharp Multi-Function Printers |
|
|
|
| Targeting an industrial protocol gateway |
|
|
|
| Hacking My ISP Part 1: Exposing a Critical Bug Allowing SIM Swapping |
|
|
|
| Hacking into a Toyota/Eicher Motors insurance company by exploiting their premium calculator website |
|
|
|
| Genie Aladdin Connect Retrofit Garage Door Opener: Multiple Vulnerabilities |
|
|
|
| CVE-2023-6483: Improper/missing API authentication in ADiTaaS v5.1 |
|
|
|
| Hacking ISP CPE equipment: FiberHome |
|
|
|
| One port can be a costly mistake | Attack The Rsync Service in a Private Program |
|
|
|
| Technical Advisory – Multiple Vulnerabilities in Nagios XI |
|
|
|
| Remote code execution and elevation of local privileges in Mitel Unify OpenStage and OpenScape VoIP phones |
|
|
|
| Ray, Versions 2.6.3, 2.8.0 |
|
|
|
| Tapping into a telecommunications company’s office cameras |
|
|
|
| How can I obtain a $2k bounty solely based on curiosity? |
|
|
|
| How I got $$$ from AT&T |
|
|
|
| CVE-2023-36844 And Friends: RCE In Juniper Devices |
|
|
|
| Chained to hit: Discovering new vectors to gain remote and root access in SAP Enterprise Software |
|
|
|
| Shodan Recon to $1000 bounty in 2 mins |
|
|
|
| The 30000$ Bounty Affair. |
|
|
|
writeups.xyz
/
Missing Authentication