Bug in glibc's iconv() function allows for RCE in PHP servers by setting charset to ISO-2022-CN-EXT to trigger buffer overflow (CVE-2024-2961)
9
votes
Showing only topics with the tag "cve".
Back to normal view
-
-
When provided with CVE descriptions of 15 different vulnerabilities and a set of tools useful for exploitation, GPT-4 was capable of autonomously exploiting 13 of which, yielding an 87% success rate
17 votes -
Critical vulnerability in Rust's Command library allows for command injection when using its API to invoke batch scripts with arguments on Windows systems (CVE-2024-24576)
18 votes -
CVE-2020-19909 is everything that is wrong with CVEs (false bug report for curl)
25 votes -
WinRAR zero-day exploited since April to hack trading accounts
31 votes -
Log4Shell Update: Second log4j Vulnerability Published (CVE-2021-44228 + CVE-2021-45046)
20 votes -
Log4Shell: RCE 0-day exploit found in log4j2, a popular Java logging package
18 votes -
CVE-2021-3156 - How sudo on Linux was hacked
14 votes -
LPE and RCE in OpenSMTPD (CVE-2020-7247)
6 votes -
[CVE-2019-14899] Inferring and hijacking VPN-tunneled TCP connections
7 votes -
Sudo flaw lets Linux users run commands as root even when they're restricted
18 votes -
Command Injection vulnerability in NodeJS
7 votes