Feb 2, 2023

Pre-Auth RCE in Aspera Faspex: Case Guide for Auditing Ruby on Rails

Feb 1, 2023

RCE in Avaya Aura Device Services

Jan 24, 2023

Exploiting Hardcoded Keys to achieve RCE in Yellowfin BI

Oct 28, 2022

Exploiting Static Site Generators: When Static Is Not Actually Static

Sep 14, 2022

Breaking Bitbucket: Pre Auth Remote Command Execution (CVE-2022-36804)

Jun 26, 2022

Abusing functionality to exploit a super SSRF in Jira Server (CVE-2022-26135)

Jun 26, 2022

Advisory: Server Side Request Forgery in Jira Server (CVE-2022-26135)

Jun 9, 2022

Chaining vulnerabilities to criticality in Progress WhatsUp Gold

Jun 9, 2022

Advisory: Multiple Vulnerabilities in Progress Ipswitch WhatsUp Gold

May 27, 2022

Understanding CVE-2022-22972 (VMWare Workspace One Access Auth Bypass)
Page 1 of 5