Aggregator

小0day；CodeParser.parse_callable_details() 方法在解析函数的返回类型注解时，将注解字符串通过 ast.unparse() 提取后直接传递给 eval() 执行。

第二个零解题确实做不出来，8字节任意地址写没有泄露的ioctl支持解决不了

红队基础设施建设--重定向器

赛场时候的做题

遇到一个只有这个手法才能解决的题目，结合源码理解一下这个题目，顺便总结一下堆所学的知识

致远V7.0SP3基于seeyonreport(帆软报表v9)的历史漏洞分析

第一次做数据库类型的heap，和常规的heap从利用和调试上都差距很多，网上都是打heap，这里通过连续伪造打的stack

EDR 对抗技术的分层拆解

Tomcat Tribes 分布式通信节点反序列化分析

Sean Plankey reportedly told colleagues that he needed to focus on assuaging concerns about his Coast Guard work that had led Sen. Rick Scott (R-FL) to block his nomination.

The bill, known as the SECURE Data Act, is backed by top Republicans on the House Energy and Commerce and Financial Services committees.

Файлы опасного вируса-уничтожителя попали в открытый доступ спустя месяцы после атаки.

A vulnerability classified as problematic has been found in Linux Kernel up to 2.6.18 on IA64. This issue affects the function sys_perfmon. Performing a manipulation as part of File Descriptor results in denial of service. This vulnerability is cataloged as CVE-2006-3741. The attack must originate from the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Symantec Norton AntiVirus. Impacted is an unknown function of the component IOCTL Driver. Executing a manipulation can lead to Remote Code Execution. This vulnerability is registered as CVE-2006-4927. The attack requires access to the local network. Furthermore, an exploit is available. Upgrading the affected component is advised.

Microsoft confirmed that a recent Microsoft Edge browser update introduced a bug that prevents Windows users from joining Teams meetings. [...]

In a blog in late January, we discussed new NETSCOUT nGenius capabilities designed to help organizations prevent service disruptions. With Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificate lifespans now shrinking dramatically, and playing a critical role in digital trust, it’s worth examining why...

You scroll past one incident and see another that feels familiar, like it should have been fixed years ago, but it still works with small changes. Same bugs. Same mistakes. The supply chain is messy. Packages you did not check are stealing data, adding backdoors, and spreading. Attacking the systems behind apps is easier than breaking the apps themselves. The exploits are simple but still work

​

A vulnerability classified as problematic has been found in WebKitGTK and WPE WebKit. This affects the function WebPage::send-request. The manipulation leads to authorization bypass. This vulnerability is documented as CVE-2025-66286. The attack can be initiated remotely. There is not any exploit available.

A vulnerability described as critical has been identified in Funnelforms FunnelFormsPro Plugin up to 3.8.1 on WordPress. Affected by this issue is the function Inclusion.This. Executing a manipulation can lead to code injection. This vulnerability is registered as CVE-2026-39440. It is possible to launch the attack remotely. No exploit is available.