Worth a look: vulnerability collection
Interesting vulnerabilities
- Windows 11 Snipping Tool privacy bug exposes cropped image content
- InjectGPT: the most polite exploit ever
- Retrieving your browsing history through a CAPTCHA
- CVE-2021-45919: From Stored XSS to Code Execution using SocEng, BeEF and elFinder
- Exploiting URL Parsing Confusion Vulnerabilities
- uBlock, I exfiltrate: exploiting ad blockers with CSS
- Trojan Source Attacks
- How We Are Able To Hack Any Company By Sending Message - US $20000 Bounty CVE-2021-34506 (uXSS in the translation feature) Video
- We Hacked Apple for 3 Months: Here’s What We Found
- How To Get Hacked By Accidentally Copy Pasting
Clever uses of symbolic links
Clever uses of directory traversal
High-impact vulnerabilities
- Dirty Pipe: A vulnerability in the Linux kernel since 5.8 which allows overwriting data in arbitrary read-only files (CVE-2022-0847, privilege escalation) EXP
- PwnKit: Local Privilege Escalation Vulnerability Discovered in polkit’s pkexec (CVE-2021-4034) POC
- CVE-2021-44228: Log4j2 remote code execution vulnerability POC CVE-2021-44832
- 2021 Hvv POC collection
- ProxyLogon: pre-authenticated RCE vulnerability on Microsoft Exchange Server
- CVE-2020-5902: F5 BIG-IP remote code execution vulnerability
- 通达OA (Tongda OA) 2017 / V11.X~V11.5: pre-authentication arbitrary user login vulnerability and file upload vulnerability; arbitrary user login POC, file upload POC
- 致远 (Seeyon) A8 OA arbitrary file upload getshell vulnerability analysis report; encryption/decryption method for the variant BASE64 algorithm used by 致远 OA
Bypass
- CVE-2022-41923 Improper Privilege Management in Grails Spring Security Core <= 5.1.0
- Accidental $70k Google Pixel Lock Screen Bypass
- Bypassing Windows Lock Screen
- Exception(al) Failure - Breaking the STM32F1 Read-Out Protection
- A vulnerability affecting Hyundai and Genesis vehicles where we could remotely control car
- CVE-2020-15048 | Espressif ESP32: Bypassing Flash Encryption
- CVE-2020-13629 | Espressif ESP32: Bypassing Encrypted Secure Boot
- How I Got $10,000 From GitHub For Bypassing Filtration of HTML tags
Escape
Browser
- TheHole New World - how a small leak will sink a great browser (CVE-2021-38003)
- Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals