[Web] Server Side Request Forgery via HTML injection in PDF download:https://blog.appsecco.com/server-side-request-forgery-via-html-injection-in-pdf-download-90ee4053e911
・ From PDF file download to an SSRF vulnerability – Jett
Seeing Mail(Demons)? Technique, Triggers, and a Bounty - ZecOps Blog:https://blog.zecops.com/vulnerabilities/seeing-maildemons-technique-triggers-and-a-bounty/
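・ The ZecOps team has published another blog post demonstrating that the iOS Mail client vulnerability analyzed last month can be exploited remotely, and hopes Apple will release a patch soon – Jett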
[Tools] Captainarash/The_Holy_Book_of_X86:https://github.com/Captainarash/The_Holy_Book_of_X86
・ The Holy Book of X86: a guide and handbook to the x86 architecture. – lanying37
Huawei HKSP Introduces Trivially Exploitable Vulnerability:https://grsecurity.net/huawei_hksp_introduces_trivially_exploitable_vulnerability
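・ Someone submitted a self-protection patch, Huawei HKSP, to the Linux kernel-hardening mailing list; after analysis, the grsecurity team found that the patch itself contains multiple serious vulnerabilities – Jett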
Thunderspy - When Lightning Strikes Thrice: Breaking Thunderbolt 3 Security:https://thunderspy.io/
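・ Thunderspy - A serious vulnerability was found in the Intel Thunderbolt port; with physical access it allows reading all data, bypassing the lock screen, and bypassing full-disk encryption – Jett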
[Virtualization] Hyper-V #0x1 - Hypercalls part 1:https://foxhex0ne.blogspot.com/2020/05/hyper-v-0x1-hypercalls-part-1.html
・ Hyper-V #0x1 - Hypercalls part 1 – Jett
CVE-2020-11108: How I Stumbled into a Pi-hole RCE+LPE:https://frichetten.com/blog/cve-2020-11108-pihole-rce/
・ Analysis of an RCE + local root privilege escalation vulnerability in the Pi-hole ad-blocking application (CVE-2020-11108) – Jett
[Windows] CVE-2018-8611 Exploiting Windows KTM Part 3/5 – Triggering the race condition and debugging tricks:https://research.nccgroup.com/2020/05/11/cve-2018-8611-exploiting-windows-ktm-part-3-5-triggering-the-race-condition-and-debugging-tricks/
・ CVE-2018-8611 Exploiting Windows KTM Part 3/5 – Triggering the race condition and debugging tricks – Jett
ProjectorBUg/CVE-2020-11932:https://github.com/ProjectorBUg/CVE-2020-11932
・ Exploit for last year's WhatsApp GIF image format double free vulnerability – Jett
[Linux] 2029 - project-zero - Project Zero - Monorail:https://bugs.chromium.org/p/project-zero/issues/detail?id=2029
・ Issue 2029: Linux 5.6: IORING_OP_MADVISE races with coredumping – Jett
Minimalistic SMB login bruteforcer:https://www.infosecmatter.com/minimalistic-smb-login-bruteforcer/
・ A script written in PowerShell for SMB login brute-force testing. – lanying37
[Browser] Double Frees in Chrome's Partition Alloc - part 2:https://blog.infosectcbr.com.au/2020/05/double-frees-in-chromes-partition-alloc.html
・ Double Frees in Chrome's Partition Alloc - part 2 – Jett
* To view or search previously pushed content, visit:
https://sec.today
* WeChat official account: Tencent Xuanwu Lab