Cloud Security

Samba man-in-the-middle attack Vulnerability (CVE-2015-5296)Samba man-in-the-middle attack Vulnerability (CVE-2015-5296) Release date:Updated on:Affected Systems: Samba Samba 4.x-4.1.22Samba Samba 4.3.x-4.3.3Samba Samba 4.2.x-4.2.7Samba Samba

Potential risks of eval in Python Eval is a built-in function used by Python to execute python expressions. Using eval, you can easily dynamically execute strings. For example, the following code:>>> Eval ("1 + 2 ")>>> Eval ("[x for x in range (10)]"

Startup attack analysis for Linux system full encryption Recently, our tan digital technology (GDS) researchers have discussed the cold start attack on Linux system full encryption. Everyone thinks this attack is feasible, but how hard is it to

Usage of windows Security Log Analysis Tool logparser Introduction to logparser First, let's take a look at the Logparser architecture diagram and familiarize ourselves with this diagram, which is of great benefit for us to understand and use

Apache Cordova White List Bypass Vulnerability (CVE-2015-5256)Apache Cordova White List Bypass Vulnerability (CVE-2015-5256) Release date:Updated on:Affected Systems: Apache Group Cordova Description: CVE (CAN) ID: CVE-2015-5256Cordova uses

Unauthorized access defects in Redis can easily lead to system hacking The Sebug website publishes detailed vulnerability information about unauthorized access defects in Redis. Unauthorized Access defects in Redis can easily lead to system hacking.

ARM mbed TLS Heap Buffer Overflow Vulnerability (CVE-2015-8036)ARM mbed TLS Heap Buffer Overflow Vulnerability (CVE-2015-8036) Release date:Updated on:Affected Systems: ARM mbed TLS 2. x-2.1.2ARM mbed TLS 1.3.x-1.3.14 Description: CVE (CAN) ID:

ASUS TM-AC1900 Stack Buffer Overflow Vulnerability (CVE-2015-6949)ASUS TM-AC1900 Stack Buffer Overflow Vulnerability (CVE-2015-6949) Release date:Updated on:Affected Systems: Asus TM-AC1900. Description: CVE (CAN) ID: CVE-2015-6949The ASUS

Libvdpau trace feature Arbitrary File Write Vulnerability (CVE-2015-5200)Libvdpau trace feature Arbitrary File Write Vulnerability (CVE-2015-5200) Release date:Updated on:Affected Systems: Libvdpau Description: CVE (CAN) ID:

Severe OS X vulnerabilities allow hackers to attack Mac computers without a password In the latest OS X version, a hidden file named Sudoers becomes a serious vulnerability, which allows hackers to attack the system without having to know the

Foxit Reader Arbitrary Code Execution VulnerabilityFoxit Reader Arbitrary Code Execution Vulnerability Release date:Updated on:Affected Systems: Foxit Reader Description: Bugtraq id: 76054Foxit Reader is a small PDF Reader.Foxit Reader has the

Correct position for Pwn smart watch Removal Although specialization is the key to many fields, I personally think that too much professionalism in the field of information security will lead to narrow vision and one-sided views. Now I want to try

How to Use Nexus 5 to forge a access card Some of the technologies mentioned in this article may be offensive and only for safe learning and teaching purposes. Illegal use is prohibited. 0 × 00 PrefaceA year ago, an old community in Hangzhou, where

Xiangpeng aviation's system SQL injection (you can run the SQL-shell command) Xiangpeng aviation's system SQL Injection Http: // **. **/web/Help. aspx? Code = Private injection parameter: code    sqlmap identified the following injection points

Wurth Chinese SQL injection vulnerability to obtain administrator password The SQL injection vulnerability exists and the dba permission exists. Injection point: http: // **. **/html/NewsView_cn.php? Id = 58You cannot write Trojans using udfs, and

Use Window. Opener to bypass CSRF Protection With the popularity of Web applications, security issues have become increasingly prominent. At present, the security of Web applications is more guaranteed by Web developers than by client verification

More tests that bypass restrictions using the whitelist 0x00 Preface In this blog, subteedoes not only introduce how to use installutil.exe to directly execute the pe file, but also introduces another method --Execute shellcode using

Unknown attack Yizhi anti--Webshell deformation technology highlights This article mainly analyzes and refines the Web Shell deformation technology. 0x1: Use string deformation technology to change hidden signatures The traditional shell kill-free

IT orange multi-site SQL injection 4 (involving a large number of databases) [HD] building network security with personal glory in the name of a team  1.Data Packets:  GET /investevents?scope=1&similar_money=2&sub_scope=75 HTTP/1.1Cookie:

SQL injection vulnerability in a website under Zhongguancun online Zhongguancun online under a station SQL injection vulnerability http://easyxiu.zol.com.cn/H/ POST/H/action /? Act = order HTTP/1.1Content-Length: 75Content-Type: