Twitter
Source Time
Twitter
vx-underground
vxunderground Original post
Re @HaboubiAnis Neat
Twitter
vx-underground
vxunderground Original post
Re @ihaveerektion @krabsonsecurity It is popular to hate on any widely used programming language.
Twitter
vx-underground
vxunderground Original post
"Now I am become Death, the destroyer of worlds." - Java, probably
Twitter
vx-underground
vxunderground Original post
Re @0xdestroyworlds @imn000f The password is in our bio
Twitter
vx-underground
vxunderground Original post
Re @cyb3rops Hahahahahaha
Twitter
vx-underground
vxunderground Original post
We have passed 100,000 followers 🥳 Thank you for this achievement. We look forward to continually serving the community with more malware and malwa...
Twitter
vx-underground
vxunderground Original post
Re @metantz1 @alwayswannahack @imn000f what
Twitter
vx-underground
vxunderground Original post
Re @alwayswannahack @imn000f The password is: - Listed on vx-underground - Memed on every comment - Listed in the Twitter bio - Can be Googled
Twitter
Nicolas Krassas
dinosn Original post
RT frycos: Here it is: my blog post for a Pre-Auth RCE on the famous 3CX Phone Management System.
Twitter
renniepak
renniepak Original post
RT Jason Haddix: Another crypto hack due to "access" to systems. Sounds like web 2.0 to me ¯\_(ツ)_/¯ Crypto companies: invest heavily in web 2 secu...
Twitter
CVE
CVEnew Original post
CVE-2021-43663 totolink EX300_v2 V4.0.3c.140_B20210429 was discovered to contain a command injection vulnerability via the component cloudupdate_check...
Twitter
CVE
CVEnew Original post
CVE-2021-43662 totolink EX300_v2, ver V4.0.3c.140_B20210429 and A720R, ver V4.1.5cu.470_B20200911 have an issue which causes uncontrolled resource con...
Twitter
CVE
CVEnew Original post
CVE-2021-43661 totolink EX300_v2 V4.0.3c.140_B20210429 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the componen...
Twitter
CVE
CVEnew Original post
CVE-2022-26646 Online Banking System Protect v1.0 was discovered to contain a local file inclusion (LFI) vulnerability via the pages parameter.
Twitter
CVE
CVEnew Original post
CVE-2022-26645 A remote code execution (RCE) vulnerability in Online Banking System Protect v1.0 allows attackers to execute arbitrary code via a craf...
Twitter
CVE
CVEnew Original post
CVE-2022-26644 Online Banking System Protect v1.0 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via parameters on user...
Twitter
CVE
CVEnew Original post
CVE-2022-25008 totolink EX300_v2 V4.0.3c.140_B20210429 and EX1200T V4.1.2cu.5230_B20210706 does not contain an authentication mechanism.
Twitter
CVE
CVEnew Original post
CVE-2021-46010 Totolink A3100R V5.9c.4577 suffers from Use of Insufficiently Random Values via the web configuration. The SESSION_ID is predictable. A...
Twitter
CVE
CVEnew Original post
CVE-2021-46009 In Totolink A3100R V5.9c.4577, multiple pages can be read by curl or Burp Suite without authentication. Additionally, admin configurati...
Twitter
CVE
CVEnew Original post
CVE-2021-46008 In totolink a3100r V5.9c.4577, the hard-coded telnet password can be discovered from official released firmware. An attacker, who has c...
Twitter
CVE
CVEnew Original post
CVE-2021-46007 totolink a3100r V5.9c.4577 is vulnerable to os command injection. The backend of a page is executing the "ping" command, and the input ...
Twitter
CVE
CVEnew Original post
CVE-2021-46006 In Totolink A3100R V5.9c.4577, "test.asp" contains an API-like function, which is not authenticated. Using this function, an attacker c...
Twitter
CVE
CVEnew Original post
CVE-2021-43664 totolink EX300_v2 V4.0.3c.140_B20210429 was discovered to contain a command injection vulnerability via the component process forc...
Twitter
CVE
CVEnew Original post
CVE-2022-24790 Puma is a simple, fast, multi-threaded, parallel HTTP 1.1 server for Ruby/Rack applications. When using Puma behind a proxy that does n...
Twitter
CVE
CVEnew Original post
CVE-2021-45900 Vivoh Webinar Manager before 3.6.3.0 has improper API authentication. When a user logs in to the administration configuration web portl...
Twitter
CVE
CVEnew Original post
CVE-2021-38362 In RSA Archer 6.x through 6.9 SP3 (6.9.3.0), an authenticated attacker can make a GET request to a REST API endpoint that is vulnerable...
Twitter
CVE
CVEnew Original post
CVE-2021-33581 MashZone NextGen through 10.7 GA has an SSRF vulnerability that allows an attacker to interact with arbitrary TCP services, by abusing ...
Twitter
CVE
CVEnew Original post
CVE-2021-33523 MashZone NextGen through 10.7 GA allows a remote authenticated user, with access to the admin console, to upload a new JDBC driver that...
Twitter
CVE
CVEnew Original post
CVE-2021-33208 The "Register an Ehcache Configuration File" admin feature in MashZone NextGen through 10.7 GA allows XXE attacks via a malicious XML c...
Twitter
CVE
CVEnew Original post
CVE-2022-24763 PJSIP is a free and open source multimedia communication library written in the C language. Versions 2.12 and prior contain a denial-of...
Weibo
page Flanker_017
Flanker_017 Original post
Weibo
page ringzero
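ringzero Original post
Some commercial enterprises want to set up university-style labs in-house, but they soon find they cannot tolerate the researchers in those labs exploring aimlessly. Before long, the company starts requiring these researchers to develop products that bring in revenue. Who wouldn't like research work that is aimless, has no deadlines, and carries no risk?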
Weibo
page 祝佳音
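祝佳音 Original post
The data must be wrong. If nothing else, on 快乐手 alone I have seen at least 50 people who have settled down in Russia; some have bought homes there, married, and even had children. Of course, these people are all plain and hardworking, just making a living, getting by in Russia with their own two hands. They look quite happy, and they never fawn over the Great Emperor or the local government……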
Weibo
page 祝佳音
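祝佳音 Original post
Shanghai this time……… right…… This also shows how fragile civilization is. You think it is a superior civilization, quiet peaceful years, coffee and gramophones, right? And whoosh, down it falls. International metropolis! Spirit of contract! Modern civic consciousness! High-caliber civil service! And then, with no one knowing what went wrong, it collapsed completely. Looking at these recent events, 120 turned out to be so cold, simply the banality of evil itself. And these things are no less than in any other city ...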
Twitter
DEF CON
defcon Original post
RT Cloud Village: 💥Hey all 💥 We are super excited to announce that after two years of virtual, #cloudvillage is back in Vegas for #DEFCON30 Stay...
Twitter
Nicolas Krassas
dinosn Original post
RT reversemode: I've updated my "SATCOM Terminals under attack in Europe" analysis with the new information that has been just published by Reuters. I...
Twitter
James Forshaw
tiraniddo Original post
RT Pedro Justo: It is live! Just finished publishing the first deep-dive, low-level developer focused Arm64EC ABI manual.
Twitter
James Forshaw
tiraniddo Original post
RT No Starch Press: 💥 FLASH SALE 💥 This is not a drill! We just lit the fuse of a 4-hour site-wide sale. From now until 4pm PT, EVERYTHING on ou...
Twitter
INTIGRITI
intigriti Original post
Re @3th1c_yuk1 @0xDexter0us @Hacker0x01 @Bugcrowd @synack Life can sometimes get in the way! But before you know it, you're fully back into it!
Twitter
CVE
CVEnew Original post
CVE-2021-45031 A vulnerability in MEPSAN's USC+ before version 3.0 has a weakness in login function which lets attackers to generate high privileged a...
Twitter
CVE
CVEnew Original post
CVE-2019-12266 Stack-based Buffer Overflow vulnerability in Wyze Cam Pan v2, Cam v2, Cam v3 allows an attacker to run arbitrary code on the affected d...
Twitter
CVE
CVEnew Original post
CVE-2019-9564 A vulnerability in the authentication logic of Wyze Cam Pan v2, Cam v2, Cam v3 allows an attacker to bypass login and control the device...
Twitter
CVE
CVEnew Original post
CVE-2022-1160 heap buffer overflow in get_one_sourceline in GitHub repository vim/vim prior to 8.2.
Twitter
CVE
CVEnew Original post
CVE-2022-28223 Tekon KIO devices through 2022-03-30 allow an authenticated admin user to escalate privileges to root by uploading a malicious Lua plug...
Twitter
CVE
CVEnew Original post
CVE-2022-27772 ** UNSUPPORTED WHEN ASSIGNED ** spring-boot versions prior to version v2.2.11.RELEASE was vulnerable to temporary directory hijacking. ...
Twitter
CVE
CVEnew Original post
CVE-2022-24135 QingScan 1.3.0 is affected by Cross Site Scripting (XSS) vulnerability in all search functions.
Twitter
CVE
CVEnew Original post
CVE-2022-24132 phpshe V1.8 is affected by a denial of service (DoS) attack in the registry's verification code, which can paralyze the target service.
Twitter
CVE
CVEnew Original post
CVE-2022-27907 Sonatype Nexus Repository Manager 3.x before 3.38.0 allows SSRF.
Twitter
CVE
CVEnew Original post
CVE-2022-0998 An integer overflow flaw was found in the Linux kernel’s virtio device driver code in the way a user triggers the vhost_vdpa_config_val...
Twitter
CVE
CVEnew Original post
CVE-2022-23801 An issue was discovered in Joomla! 4.0.0 through 4.1.0. Possible XSS attack vector through SVG embedding in com_media.