230 - Samsung Baseband and GPU Vulns [Kagi Summary]The root cause of the vulnerability is a buffer overflow error in the CdmaSmsPar... 2023-12-6 21:0:0 | 阅读: 0 | 收藏 | DAY[0] - dayzerosec.com overflow baseband payload overly

229 - Buggy Cookies and a macOS TCC Bypass This post details a prompt-based exploit that c... 2023-12-5 21:0:0 | 阅读: 1 | 收藏 | DAY[0] - dayzerosec.com metal divergence bypassing ends repeat

228 - Hypervisor Bugs and a FAR-out iOS bug Kinda a cool bug dealing with an improper optimization and... 2023-11-29 21:0:0 | 阅读: 3 | 收藏 | DAY[0] - dayzerosec.com hole overflow attacker kinda memory

227 - Kubernetes Code Exec and There Is No Spoon Honestly, this is a simple bug, a react website, wiht sourc... 2023-11-28 21:0:0 | 阅读: 4 | 收藏 | DAY[0] - dayzerosec.com ingress lua copying attacker served

226 - A Heap of Linux Bugs One vulnerability a use-after-free in the Linux nftable sub... 2023-11-23 02:10:45 | 阅读: 4 | 收藏 | DAY[0] - dayzerosec.com compound memory folio contiguous buffers

225 - Prompting for Secrets and Malicious Extensions There is a lot going on in this post, the novel aspect are... 2023-11-21 21:0:0 | 阅读: 2 | 收藏 | DAY[0] - dayzerosec.com chrome motw bypasses chromeos

224 - A Bundle of Windows Bugs Simple off-by-one issue, the application parses the H... 2023-11-15 21:0:0 | 阅读: 3 | 收藏 | DAY[0] - dayzerosec.com numattrs overflow attacker apparent unknowingly

223 - Usurping Mastodon and Broken Signature Schemes Normalization gone wrong, Mastodon, when attempting to normali... 2023-11-14 21:0:0 | 阅读: 6 | 收藏 | DAY[0] - dayzerosec.com malformed firmware attacker akami poisoning

222 - MTE Debuts, DNS Client Exploits, and iTLB Additional Links: https://www.tacitosecurity.com/ekoparty2023.pdf ... 2023-11-8 21:0:0 | 阅读: 6 | 收藏 | DAY[0] - dayzerosec.com

221 - Attacking OAuth, Citrix, and some P2O Drama What happens when you don’t properly validate OAuth access... 2023-11-7 20:0:0 | 阅读: 9 | 收藏 | DAY[0] - dayzerosec.com dicom snprintf implicit openid memory

220 - Windows Kernel Bugs, Safari Integer Underflow, and CONSTIFY Not Found :( Home Page ... 2023-10-24 20:0:0 | 阅读: 6 | 收藏 | DAY[0] - dayzerosec.com

219 - Rapid Reset, Attacking AWS Cognito, and Confluence Bugs Rapid Reset is a Denial of Service (DOS) attack that abuses the HTTP/2 RST_STREAM frames functi... 2023-10-23 20:0:0 | 阅读: 11 | 收藏 | DAY[0] - dayzerosec.com cognito frames attacker uint8array client

218 - A Chrome RCE, WebP 0day, and glibc LPE A rather complex-bug to trigger that was found being exploi... 2023-10-11 07:45:0 | 阅读: 4 | 收藏 | DAY[0] - dayzerosec.com tunables huffman tunable overflow segments

217 - Insecure Firewalls, MyBB, and Winning with WinRAR A fairly simple processing bug in WinRAR resulting in code execut... 2023-10-10 19:45:0 | 阅读: 9 | 收藏 | DAY[0] - dayzerosec.com trimmed redos fairly

216 - Busted Stack Protectors, MTE, and AI Powered Fuzzing A bit of an unexpected fault in GCC’s -fstack-protector implementation that meant that the save... 2023-9-27 19:45:0 | 阅读: 6 | 收藏 | DAY[0] - dayzerosec.com overflow protector locals aarch64 allocations

215 - DEF CON, HardwearIO, Broken Caching, and Dropping Headers The title gives this one away, the header(...)... 2023-9-26 19:45:51 | 阅读: 5 | 收藏 | DAY[0] - dayzerosec.com parentid attacker uploadid sanitized sharefile

Spot the Vuln Shirt (Solutions) Unfortunately, we will not be directly selling these shirts, but I have another pos... 2023-7-7 14:55:30 | 阅读: 15 | 收藏 | DAY[0] - dayzerosec.com integers compliment multiplied attacker converted

Spot the Vuln Shirt (DIY) Unfortunately, we will NOT be selling the "Spot the Vuln" shirts we mentioned on th... 2023-7-7 12:42:33 | 阅读: 11 | 收藏 | DAY[0] - dayzerosec.com shirt vuln shirts spot producer

214 - Exploiting VMware Workstation and the Return of CSG0-Days Additional Links:https://bugs.chromium.org/p/project-zero/issues/detail?id=240... 2023-5-25 07:56:44 | 阅读: 22 | 收藏 | DAY[0] - dayzerosec.com chromium 240

213 - Jellyfin Exploits and TOCTOU Spellcasting Two vulnerabilities in Jellyfin, which is a media server fork of Emby. They focused on the REST... 2023-5-24 03:50:18 | 阅读: 22 | 收藏 | DAY[0] - dayzerosec.com encoder attacker similarly emby