f33d by Prelude | Substack

HTTP Request Smuggling in NodeJS

Octavia Johnston

New Top Community

OGNL injection in Confluence Server & Data Center allows unauthenticated remote code execution

Octavia Johnston

Aug 3

0verture: The Prelude Podcast CVE-EP16 Listen now (58 min) | What is a TTP? What is wrong with threat hunting classifications and ideas on how to enhance it.

Kristopher Willis (Xanthonus)

and

Samuel Barthelemy

Jul 29

CVE-2022-22965 (Spring4Shell): Remote code execution in Spring Framework.

Waseem Albaba (gerbsec)

Jul 26

0verture: The Prelude Podcast CVE-EP15 Listen now | Automated Security Software Landscape

Kristopher Willis (Xanthonus)

,

Samuel Barthelemy

, and

Lewis Zimmerman,

Jul 23

OGNL injection allows unauthenticated remote code execution

Octavia Johnston

Jul 19

Apache HTTP path traversal and remote code execution

Samuel Barthelemy

and

Waseem Albaba (gerbsec)

Jul 12

Starting today, TTP Tuesday releases will include #CVE exploit tests. The first few will focus on Linux and include brand new, and…

Octavia Johnston

Jul 6

f33d by Prelude

About Archive Authors

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts