Tweets from @pyn3rd
- #CVE-2020-7799 FusionAuth RCE via Apache Freemarker Template pic.twitter.com/QGc3cuCiZ7
- pyn3rd retweeted:
  CVE-2020-2655: TLS/DTLS client authentication bypass in Java 11 & 13 (JSSE) Details & PoC https://web-in-security.blogspot.com/2020/01/cve-2020-2655-jsse-client.html … pic.twitter.com/pL0JoMPMnB
- #CVE-2020-5398 Reflected File Download Attack via “Content-Disposition” Header Sourced from Request Input by Spring MVC or Spring WebFlux Application http://pivotal.io/security/cve-2 … pic.twitter.com/PE0UrF9e0N
- Please take care of your Weblogic Server, cause the Oracle Critical Patch is only released for 12.2.1.4, other versions are unprotected until Jan. 31. https://twitter.com/pyn3rd/status/1217807753810309121 …
- #CVE-2020-2551 Weblogic RCE via iiop protocol, funny bug :D pic.twitter.com/Xv6ar3w8Gx
- pyn3rd retweeted:
  Just posted Remote Code Execution in Three Acts: Chaining Exposed Actuators and H2 Database Aliases in Spring Boot 2. Using a payload containing three different programming languages :) https://spaceraccoon.dev/remote-code-execution-in-three-acts-chaining-exposed-actuators-and-h2-database …
- If looking back for the old vulnerabilities, I will obtain new knowledge, as you know, some vulnerability in past time not a critical one, even it should not be called “vulnerability”, but someday maybe it will be renascent. :D https://twitter.com/hkashfi/status/1215784519984467975 …
- About CVE-2019-12086, jackson-databind read arbitrary local files, at that time, I only use the gadget [com.mysql.cj.jdbc.admin.MiniAdmin] to read arbitrary local file of the target, but now it can be made a remote code execution. :) pic.twitter.com/AOco4lF2u2
- JDBC Unserialization RCE, when target using mysql-connector-java-8.0.x which I posted yesterday, the trigger is [queryInterceptors]. However when mysql-connector-java-5.1.x in the CLASSPATH, [statementInterceptors] can be a trigger. pic.twitter.com/ktan15tU7Z
- Spring Boot + SnakeYAML unserialization RCE, old but good. pic.twitter.com/JnvZX0kauK
- MySQL-JDBC unserialization RCE, disclosed in BlackHat Europe 2019. The attack controls the target to connect an evil MySQL Server, make it unserialize the evil Java Serialized Stream. Nice work! pic.twitter.com/NfxPQKJLdR
- The first shot in 2020, Apereo CAS 4.2.1 RCE, old but good, some guys ought to say it’s a backdoor. Happy new year and have fun! :D pic.twitter.com/77uEAy5Skz
- Today is the last day of 2019, one decade is vanished, another decade is on the way, next year keep on popping up Calculator :D
- #CVE-2019-17558: Velocity custom template RCE vulnerability https://issues.apache.org/jira/plugins/servlet/mobile#issue/SOLR-13971 … https://twitter.com/pyn3rd/status/1189737982875467776 …
- log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571 https://issues.apache.org/jira/plugins/servlet/mobile#issue/AMQ-7370 … https://twitter.com/pyn3rd/status/1209446292390215681 …
- #CVE-2019-17571 Apache Log4j 1.2.x RCE via Socket Server Deserialization pic.twitter.com/fwfQ8c63N0
- An ancient Struts2 RCE vulnerability, CVE-2012-1592, the statement was updated by RedHat several days ago. https://access.redhat.com/security/cve/cve-2012-1592 … pic.twitter.com/e9G1aMxSPR
- pyn3rd retweeted:
  I made some research on Java remote protocols https://i.blackhat.com/eu-19/Wednesday/eu-19-An-Far-Sides-Of-Java-Remote-Protocols.pdf …