Source | Time | ||
---|---|---|---|
DEF CON
|
defcon | Original
RT Eric Terrell: Re @defcon At Los Alamos National Labs, one of Cray's largest customers, we put old Crays around trees and used them as park benches... |
|
CVE
|
CVEnew | Original
CVE-2021-46204 Taocms v3.0.2 was discovered to contain an arbitrary file read vulnerability via the path parameter. SQL injection vulnerability via ta... |
|
CVE
|
CVEnew | Original
CVE-2021-46203 Taocms v3.0.2 was discovered to contain an arbitrary file read vulnerability via the path parameter. |
|
CVE
|
CVEnew | Original
CVE-2021-44299 A reflected cross-site scripting (XSS) vulnerability in \lib\packages\themes\themes.php of Navigate CMS v2.9.4 allows authenticated att... |
|
CVE
|
CVEnew | Original
CVE-2021-42810 A flaw in the previous versions of the product may allow an authenticated attacker the ability to execute code as a privileged user on ... |
|
CVE
|
CVEnew | Original
CVE-2021-33913 libspf2 before 1.2.11 has a heap-based buffer overflow that might allow remote attackers to execute arbitrary code (via an unauthentica... |
|
CVE
|
CVEnew | Original
CVE-2021-33912 libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code (via an un... |
|
CVE
|
CVEnew | Original
CVE-2022-23221 H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SE... |
|
CVE
|
CVEnew | Original
CVE-2022-22310 IBM WebSphere Application Server Liberty 21.0.0.10 through 21.0.0.12 could provide weaker than expected security. A remote attacker cou... |
|
CVE
|
CVEnew | Original
CVE-2021-38788 The Background service in Allwinner R818 SoC Android Q SDK V1.0 is used to manage background applications. Malicious apps can use the i... |
|
Chaitin Tech
|
ChaitinTech | Original
RT Real World CTF: Metal Coins: "Concept of sealing wax", ancient and classic, freezes the imprint of 2022 "Real World CTF". Follow us on CTFTime:http... |
|
Chaitin Tech
|
ChaitinTech | Original
RT Real World CTF: Top 12 teams in 2022 Real World CTF will get full set of customized souvenirs! Super Hunters Conquer Together. Welcome aboard. Foll... |
|
Chaitin Tech
|
ChaitinTech | Original
RT Real World CTF: Key Chain: Random collision, interlaced light, outline the "dragon" of "Real World CTF". Follow us on CTFTime:https://ctftime.org/e... |
|
redrain_QAQ
|
redrain_QAQ | Original
The old guy is so pitiful. It's 1 a.m. and I'm bawling 😭 |
|
Nicolas Krassas
|
dinosn | Original
Researchers Explore Hacking VirusTotal to Find Stolen Credentials |
|
Nicolas Krassas
|
dinosn | Original
Russian Hackers Heavily Using Malicious Traffic Direction System to Distribute Malware |
|
Nicolas Krassas
|
dinosn | Original
FIN8 Hackers Spotted Using New 'White Rabbit' Ransomware in Recent Attacks |
|
Rodolfo Assis
|
rodoassis | Original
Here's a really good work you won't see anywhere, if I may say so myself. Powerful additions to an already powerful tool. https://knoxss.me |
|
INTIGRITI
|
intigriti | Original
New #BugBytes 🗞️ Find out how to test for reverse proxy misconfigurations with @pdnuclei, @b1two_'s proxy for testing NTLM EPA authentication, how... |
|
CVE
|
CVEnew | Original
CVE-2021-46030 There is a Cross Site Scripting attack (XSS) vulnerability in JavaQuarkBBS <= v2. By entering specific statements into the background t... |
|
CVE
|
CVEnew | Original
CVE-2021-44837 An issue was discovered in Delta RM 1.2. It is possible for an unprivileged user to access the same information as an admin user regard... |
|
CVE
|
CVEnew | Original
CVE-2021-46104 An issue was discovered in webp_server_go 0.4.0. There is a directory traversal vulnerability that can read arbitrary file information ... |
|
CVE
|
CVEnew | Original
CVE-2021-45808 jpress v4.2.0 allows users to register an account by default. With the account, user can upload arbitrary files to the server. |
|
CVE
|
CVEnew | Original
CVE-2021-38787 There is an integer overflow in the ION driver "/dev/ion" of Allwinner R818 SoC Android Q SDK V1.0 that could use the ioctl cmd "COMPAT... |
|
yuange1975fuckwb
|
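yuange1975fuckwb | Original
I checked: for my LPR rate I chose to have the new LPR take effect on the loan anniversary date, one in April and one in October. If the 5-year LPR is cut tomorrow, at least one of my loans will see a little less interest fairly soon; it's just that the larger one has to wait until October. |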
|
yuange1975fuckwb
|
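yuange1975fuckwb | Original
Reply to @稻草人的迷失: It was deliberate to begin with. //@稻草人的迷失: I think it's deliberate; this way the original rate has to be kept for another year. |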
|
yuange1975fuckwb
|
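yuange1975fuckwb | Original
Meaning this is the fate of a "夹狗" //@西安麦芽: //@tombkeeper: Pay attention to what comes before the second-to-last comma in the third paragraph of this Weibo post... //@老赵: Impressive //@普外科曾医生: For a 35-year-old man to be in this condition really shouldn't happen; get surgery as soon as possible! |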
|
yuange1975fuckwb
|
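yuange1975fuckwb | Original
The price has recovered its ex-dividend gap, and with no money I didn't do the arbitrage, what a loss. The ADR has paid its cash dividend and gone ex-dividend; let's see how the Hong Kong shares go ex-dividend tomorrow. The two are actually equivalent, and after both ex-dividend dates their value should be equal; the spread shouldn't be as much as the 2.9% dividend. Tomorrow the corresponding Hong Kong share price should still be not much different from the current ADR. I really missed it; I should have bought a few thousand shares even on margin. |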
|
yuange1975fuckwb
|
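yuange1975fuckwb | Original
These days they arrest people at the drop of a hat while breaking the law themselves; really rubbish. //@慧文王GG: Rubbish //@小天天: What happened? //@胡波: Sigh //@老蘇老了: Ahem //@巍峰: Also, that Weibo post leaked the ID card number of the person involved; that deserves criticism too. //@江宁婆婆: Sigh |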
|
yuange1975fuckwb
|
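yuange1975fuckwb | Original
Not happy. The 5-year rate wasn't cut before the new year, so my mortgage interest won't drop a cent this year. Bank stocks are going to rise; a few days ago I said I'd hold bank shares for IPO subscriptions, but unfortunately I still have no money. |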
|
tombkeeper
|
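tombkeeper | Original
Speaking of reading documentation: years ago our lab researched escaping the IE sandbox. At the time colleagues were working on several technical approaches. I went off and read the Microsoft IE development team's blog. I read all of their blog posts, which actually wasn't that many, about a hundred or so. It took me roughly an afternoon plus an evening, and then I found a lead and eventually discovered a way to escape the sandbox. Plodding work doesn't necessarily take more time. |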
|
tombkeeper
|
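tombkeeper | Original
Pay attention to what comes before the second-to-last comma in the third paragraph of this Weibo post... //@老赵: Impressive //@普外科曾医生: For a 35-year-old man to be in this condition really shouldn't happen; get surgery as soon as possible! |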
|
Nicolas Krassas
|
dinosn | Original
Captain Hook - How (not) to look for vulnerabilities in Java applications |
|
Nicolas Krassas
|
dinosn | Original
C# tool to discover low hanging fruits |
|
Nicolas Krassas
|
dinosn | Original
Yasso: Intranet assisted penetration toolset |
|
Nicolas Krassas
|
dinosn | Original
Pip-Audit - Audits Python Environments And Dependency Trees For Known Vulnerabilities |
|
Nicolas Krassas
|
dinosn | Original
Upstox - 111,002 breached accounts |
|
Nicolas Krassas
|
dinosn | Original
Open Subtitles - 6,783,158 breached accounts |
|
Nicolas Krassas
|
dinosn | Original
RT Will Dormann: Re @Dinosn This is a PoC for May's CVE-2021-31166 update. Not CVE-2022-21907. I'm not sure why so many are confusing the two. Perh... |
|
☣ KitPloit - Hacker Tools
|
KitPloit | Original
Pip-Audit - Audits Python Environments And Dependency Trees For Known Vulnerabilities |
|
Rasta Mouse
|
_RastaMouse | Original
RT Marc Smeets: Outflank Security Tooling demo time! Monday Febr 7 at 16:30h Central EU time / 09:30h Central US time. Contact me if you are interest... |
|
Rasta Mouse
|
_RastaMouse | Original
Re @thecybermentor @squatsandshells The issues of practicality and difficulty are separate from gamification. Don't conflate them. Gamification is... |
|
blueblue
|
piedpiper1616 | Original
GitHub - modzero/MZ-21-02-Trendmicro: Critical Vulnerabilities in Trend Micro Deep Security Agent for Linux - |
|
INTIGRITI
|
intigriti | Original
Re @JoakimTauren Shameless plug: |
|
CVE
|
CVEnew | Original
CVE-2022-21297 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.... |
|
CVE
|
CVEnew | Original
CVE-2022-21383 Vulnerability in the Oracle Enterprise Session Border Controller product of Oracle Communications (component: Log). Supported versions ... |
|
CVE
|
CVEnew | Original
CVE-2022-21337 Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.... |
|
CVE
|
CVEnew | Original
CVE-2022-21342 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.... |
|
CVE
|
CVEnew | Original
CVE-2022-21345 Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Security). Supported versions that are ... |
|
CVE
|
CVEnew | Original
CVE-2022-21350 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected... |