Y4er的博客
归档 专栏 分类 标签 笔记 朋友
Y4er的博客
取消
归档专栏分类标签笔记朋友

 代码审计

2022

dotnet反序列化之并不安全的SerializationBinder 07-04
CVE-2022-28219 Zoho ManageEngine ADAudit Plus XXE到RCE 06-30
CVE-2022-21445 Oracle ADF Faces 反序列化RCE 06-29
SmarterStats 基于gRPC的RCE 06-29
CVE-2022-26134 Confluence Server Data Center OGNL RCE 06-08
CVE-2022-22972 VMware Workspace ONE Access Authentication Bypass RCE 05-27
从滥用HTTP hop by hop请求头看CVE-2022-1388 05-13
JBoss EAP/AS <= 6.* RCE及rpc回显 04-29
CVE-2022-22954 VMware Workspace ONE Access Server-side Template Injection RCE 04-09
CVE-2022-26503 Veeam Agent for Microsoft Windows LPE 03-22
CVE-2022-26500 Veeam Backup & Replication RCE 03-17
CVE-2022-22947 SpringCloud GateWay SPEL RCE Echo Response 03-03
CVE-2022-23131 Zabbix Web Frontend Bypassing the SAML SSO Authentication 02-22
CVE-2021-44521 Apache Cassandra 加载UDF RCE 02-12
CVE-2021-42631 PrinterLogic Web Stack unserialize RCE 01-28
CVE-2022-22733 Apache ShardingSphere ElasticJob-UI RCE 01-21
dotnet 反序列化的另外几个gadget 01-21
CVE-2021-45456 Apache Kylin 命令注入 01-13
MeterSphere PluginController Pre-Auth RCE 01-07

2021

CVE-2021-45232 Apache APISIX Dashboard Unauthorized Access Vulnerability 12-28
  • 1
  • 2
  • 3
  • 4
  • …
  • 6
由 Hugo 强力驱动 | 托管在 Cloudflare Pages 上 | 主题 - DoIt
2018 - 2023 Y4er | CC BY-NC 4.0