| When Prompts Go Rogue: Analyzing a Prompt Injection Code Execution in Vanna.AI |
|
|
|
| Probllama: Ollama Remote Code Execution Vulnerability (CVE-2024-37032) – Overview and Mitigations |
|
|
|
| From a GLPI patch bypass to RCE |
|
|
|
| Preauth RCE on NVIDIA Triton Server |
|
|
|
| Brand-new prototype pollution gadget in MongoDB leading to RCE |
|
|
|
| Iconv, Set The Charset To RCE: Exploiting The Glibc To Hack The PHP Engine (Part 2) |
|
|
|
| Re-moo-te Code Execution in Mailcow: Always Sanitize Error Messages |
|
|
|
| Abusing title reporting and tmux integration in iTerm2 for code execution |
|
|
|
| What’s in a Name? Writing custom DNS tunnelling protocol, exploiting unexpected AWS Lambda misconfiguration – in a web app Pen test (Part 1) |
|
|
|
| Molding Lies Into Reality || Exploiting CVE-2024-4358 |
|
|
|
| Iconv, Set The Charset To RCE: Exploiting The Glibc To Hack The PHP Engine (Part 1) |
|
|
|
| The risk in malicious AI models: Wiz Research discovers critical vulnerability in AI-as-a-Service provider, Replicate |
|
|
|
| Wikimedia/svgtranslate 2.0.1 Remote Code Execution |
|
|
|
| Abusing url handling in iTerm2 and Hyper for code execution |
|
|
|
| My LLM Bug Bounty Journey on Hugging Face Hub via Protect AI |
|
|
|
| Exploit Archeology - Exploiting an old unknown Server Side Browser |
|
|
|
| Hacking Apple - SQL Injection to Remote Code Execution |
|
|
|
| Lethal Injection: How We Hacked Microsoft's Healthcare Chat Bot |
|
|
|
| LLM Pentest: Leveraging Agent Integration For RCE |
|
|
|
| Send()-ing Myself Belated Christmas Gifts - GitHub.com's Environment Variables & GHES Shell |
|
|
|
| Devfile file write vulnerability in GitLab |
|
|
|
| CVE-2024-2887: A Pwn2Own Winning Bug In Google Chrome |
|
|
|
| Poppin shells with Okta Verify on Windows |
|
|
|
| Code Injection to RCE with .NET |
|
|
|
| Hello: I’m your Domain Admin and I want to authenticate against you |
|
|
|
writeups.xyz
/
RCE