Topics in ~comp - Tildes

Showing only topics in ~comp with the tag "cve". Back to normal view / Search all groups

Bug in glibc's iconv() function allows for RCE in PHP servers by setting charset to ISO-2022-CN-EXT to trigger buffer overflow (CVE-2024-2961)
- security.cyber
Link
1 comment

offensivecon.org

April 22

9 votes
When provided with CVE descriptions of 15 different vulnerabilities and a set of tools useful for exploitation, GPT-4 was capable of autonomously exploiting 13 of which, yielding an 87% success rate
- security.cyber
PDF
8 comments

arXiv

April 19

17 votes
Critical vulnerability in Rust's Command library allows for command injection when using its API to invoke batch scripts with arguments on Windows systems (CVE-2024-24576)
- security.cyber
- programming languages
Article 450 words
4 comments

bleepingcomputer.com

April 10

18 votes
CVE-2020-19909 is everything that is wrong with CVEs (false bug report for curl)
- security
Article 1001 words, published Aug 25 2023
1 comment

haxx.se

September 26, 2023

25 votes
Log4Shell Update: Second log4j Vulnerability Published (CVE-2021-44228 + CVE-2021-45046)
- security
Article 892 words
4 comments

lunasec.io

December 15, 2021

20 votes
Log4Shell: RCE 0-day exploit found in log4j2, a popular Java logging package

Article 451 words

8 comments

lunasec.io

December 10, 2021

18 votes
CVE-2021-3156 - How sudo on Linux was hacked
- linux
Video 19:56, published Apr 22 2021
3 comments

YouTube: LiveOverflow

April 27, 2021

14 votes
LPE and RCE in OpenSMTPD (CVE-2020-7247)
- security
- open source
Link
1 comment

openwall.com

January 29, 2020

6 votes
[CVE-2019-14899] Inferring and hijacking VPN-tunneled TCP connections
Article 2891 words
1 comment

seclists.org

December 5, 2019

7 votes
Command Injection vulnerability in NodeJS

Link

9 comments

npmjs.com

June 11, 2018

7 votes