Written by
Kent Weigle
Recent Posts
1
Microsoft Windows Contacts (VCF/Contact/LDAP) syslink control href attribute escape vulnerability (CVE-2022-44666) (0day)
j00sean (https://twitter.com/j00sean) July 11, 20232
CVE-2021-38294: Apache Storm Nimbus Command Injection
Sebôk Rezsx June 20, 20233
CVE-2023-21931 & CVE-2023-21839 RCE via post-deserialization
Charles Hanley June 19, 20234
Have you missed them? The new reports feature is here!
Noa Machter May 14, 20235
CVE-2021-45456 Apache Kylin RCE Exploit
Charles Hanley April 30, 2023
Related Posts
By Charles Hanley
Sep 05, 2023
Compile it ⚙️ , Debug it 🔬 , Hack it 😎 it's the Linux kernel 🐧
in this blog, we will see how to download the kernel source, compile it, and prepare for debugging with KGDB/GDB
By Charles Hanley
Jul 28, 2023
The De Vinci of DirtyPipe Privilege Escalation🐧🐧
By j00sean (https://twitter.com/j00sean)
Jul 11, 2023
Microsoft Windows Contacts (VCF/Contact/LDAP) syslink control href attribute escape vulnerability (CVE-2022-44666) (0day)
Write-up for another forgotten Windows vulnerability (0day): Microsoft Windows Contacts (VCF/Contact/LDAP) syslink control href attribute escape, which was not fully fixed as CVE-2022-44666 in the patches released on December, 2022.
Start Closing Security Gaps
- Risk reduction from Day 1
- Fast set-up and deployment
- Unified platform
- Full-featured 14-day trial