cve search api

Play bad vulnerability: Let the CVE-2014-4113 overflow Win8 1. Introduction In October 14, 2014, Crowdstrike and FireEye published an article describing a new Windows Elevation of Privilege Vulnerability.Articles about CrowdstrikeMing: This new

Privilege Escalation using the Use-After-Free (UAF) vulnerability in the Linux Kernel Last month, the CVE-2016-0728 Local Elevation of Privilege Vulnerability let everyone's eyes again focused on Linux kernel security. Like CVE-2015-3636, CVE-2015-73

In-depth research on the ROP Load Analysis0x00 Introduction Exploit-db does not feel good, so I will translate the original article titled Deep Dive into ROP Payload Analysis, by Sudeep Singh. The main purpose of this article is to introduce the

Nmap memo form: From Discovery to vulnerability exploitation (Part 5)   This is the last part of the memo list. Here we will mainly discuss vulnerability assessment and penetration testing.Database Audit list database names   nmap -sV --script=mysql-

1. Purpose  The purpose of this article is to briefly introduce the Flash sample analysis process, and some commonly used tools for analyzing Flash samples include self-written mini programs.The content in this article includes: extraction of Flash

0x00 background Well, long short asked me to write an article on browser security, so I appeared, please don't speak out, this scum technology. This article draws on Kcon and hitcon PPT.  0x01 Introduction The question about browser security is the

The path to confrontation between vulnerability exploitation and Kaspersky0x00 Thank you I am particularly grateful to all of you for your support for your work this year. If you do not have any suggestions, you can only write some articles to make

Portal application Apache Jetspeed 2.3.0 and earlier versions: Remote Code Execution Vulnerability Analysis     As one of my personal projects on "security of open-source software for friendship detection", I am going to play with Apache Jetspeed 2

Recently there was an IE 0day (CVE-2014-0322) used for hanging horses. Although this vulnerability exists in IE, in order to achieve successful exploitation, the sample also uses flash as an aid to break through various protection measures. The

This are part of the A series:inside safetynet Part 1 (OCT 2015) Inside safetynet Section 2 (Feb 2016) Inside safetynet part 3 (Nov 2016) How to implement attestation securely using Server-side checks (my blog, cigital blog) safetynet Playground