| Dangerous Import: SourceForge Patches Critical Code Vulnerability |
|
|
|
| Fixing Typos And Breaching Microsoft’s Perimeter |
|
|
|
| CreateRCE — Yet Another Vulnerability in CreateUri |
|
|
|
| Wiz Research finds architecture risks that may compromise AI-as-a-Service providers and consequently risk customer data; works with Hugging Face on mitigations |
|
|
|
| From Discovery to Disclosure: ReCrystallize Server Vulnerabilities |
|
|
|
| FlowFixation: AWS Apache Airflow Service Takeover Vulnerability and Why Neglecting Guardrails Puts Major CSPs at Risk |
|
|
|
| Micro Services, Major Headaches: Detecting Vulnerabilities in Erxes' Microservices |
|
|
|
| CVE-2024-1212: Unauthenticated Command Injection In Progress Kemp LoadMaster |
|
|
|
| Java Deserialization Tricks |
|
|
|
| Subdomain Fuzzing worth 35k bounty! |
|
|
|
| I Love Lucee: Building Lucee Extensions for Remote Code Execution |
|
|
|
| Two Bytes is Plenty: FortiGate RCE with CVE-2024-21762 |
|
|
|
| CVE-2024-21378 — Remote Code Execution in Microsoft Outlook |
|
|
|
| Reply to calc: The Attack Chain to Compromise Mailspring |
|
|
|
| Leaking ObjRefs to Exploit HTTP .NET Remoting |
|
|
|
| Exploiting embedded mitel phones for unauthenticated remote code execution |
|
|
|
| How I hacked into Google’s internal corporate assets |
|
|
|
| Continuing the Citrix Saga: CVE-2023-5914 & CVE-2023-6184 |
|
|
|
| Hello Lucee! Let us hack Apple again? |
|
|
|
| Exploiting Empire C2 Framework |
|
|
|
| How I Hacked the Dutch Government: Exploiting an Innocent Image for Remote Code Execution |
|
|
|
| Form Tools Remote Code Execution: We Need To Talk About PHP |
|
|
|
| How I got RCE in one of Bugcrowd's Public Programs |
|
|
|
| Auth Bypass Round Two |
|
|
|
| Remote Code Execution by Bypassing Cloudflare: CVE-2022–29464 Analysis |
|
|
|
writeups.xyz
/
RCE