CVE-2021-35587

Code-Audit-Articles some interesting code audit articles i read ELFINDER: THE STORY OF A REPWNING Hacking a Bank by Finding a 0day in DotCMS security code audit fails Exploiting Arbitrary Object Instantiations in PHP without Custom Classes Oracle Access Manager Pre-Auth RCE (CVE-2021–35587 Analysis) Miracle - One Vulnerability To Rule Them All

CVE-2021-35587 Description POC for CVE-2021-35587: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager create by antx at 2022-03-14 Detail Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: OpenSSO Agent) Easily exploitable vulnerability allows u

FrameVul FrameVul 综合 钉钉 泛微OA 致远OA Apache APISIX Apache Druid Apache Kylin Coremail Discuz Exchange FastJson Fckeditor Flask Gitlab Jboss Jenkins Log4j MeterSphere Oracle Access Manager Outlook Shiro Spring Struts2 Thinkphp TP-Link Vmware Weblogic Zabbix 综合 主流供应商的一些攻击性漏洞汇总 2021_Hvv漏洞 2022年Java应用程序的CVE漏洞

pyfetch This is a python3 alternative to gofetch The tool has the same exact capabilities as gofetch where it plainly outputs the CVEs or alternatively include -info to get the full CVE info Installation: git clone githubcom/k0imet/pyfetchgit cd pyfetch chmod +x pyfetchpy /pyfetchpy Usage: [demo@demo ~]$ /pyfetchpy Usag

PoC in GitHub 2022 CVE-2022-0185 (2022-02-11) A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a f

PoC in GitHub 2022 CVE-2022-0185 (2022-02-11) A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a f

PoC in GitHub 2022 CVE-2022-0185 (2022-02-11) A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a f