|
About the Write-ups and Disclosures category
|
|
0
|
167
|
February 5, 2021
|
|
Multiple Severe Vulnerabilities in MonkeyType.Com | Chat Based XSS, Auth bypass, User Spoofing
|
|
0
|
108
|
September 9, 2021
|
|
Universal “netmask” npm package, used by 270,000+ projects, vulnerable to octal input data: server-side request forgery, remote file inclusion, local file inclusion, and more (CVE-2021-28918)
|
|
0
|
400
|
March 29, 2021
|
|
CVE-2021-35956 AKCP sensorProbe - 'Multiple' Cross Site Scripting (XSS)
|
|
3
|
289
|
August 28, 2021
|
|
CVE-2021-22929 - Brave Browser 1.27 and below permanently logs the server connection time for all v2 tor domains to ~/.config/BraveSoftware /Brave-Browser/tor/data/tor.log
|
|
1
|
105
|
August 17, 2021
|
|
New report on coordinated vulnerability disclosure in Canada
|
|
0
|
245
|
July 19, 2021
|
|
Recent macOS Threat Research I've been looking at
|
|
1
|
235
|
June 1, 2021
|
|
Researchers hacked Indian govt sites via exposed git and env files
|
|
1
|
233
|
May 19, 2021
|
|
Ubuntu Privilege Escalation: Exploiting Crash Handlers by Itai Greenhut from Aleph Security
|
|
0
|
173
|
February 16, 2021
|
|
CVE-2020-27388: YOURLS 1.5 - 1.7.10, Multiple Stored Cross Site Scripting (XSS) Vulnerabilities in Admin Panel
|
|
0
|
455
|
February 5, 2021
|
|
Arpspoof vs Kubernetes
|
|
0
|
513
|
November 6, 2020
|
|
How I found a TOR vulnerability in Brave Browser, reported it, watched it get patched, got a CVE (CVE-2020-8276), and a small bounty all in one working day
|
|
0
|
4956
|
November 9, 2020
|
