Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to disclose inf...
Improper privilege management in Azure Entra ID allows an unauthorized attacker to elevate privileges over a network.
Improper neutralization of special elements used in a command ('command injection') in Microsoft Power Pages allows an unauthorized attacker to exe...
Authentication bypass using an alternate path or channel in Microsoft Azure Active Directory B2C allows an unauthorized attacker to elevate privile...
Improper input validation in Azure Virtual Network Gateway allows an authorized attacker to execute code over a network.
Deserialization of untrusted data in Microsoft Planetary Computer Pro allows an unauthorized attacker to disclose information over a network.
AutoPenX — LLM 驱动的全自动 CTF Web 解题 & 渗透测试系统 三阶段混合求解架构:确定性多智能体路线状态机 → 并行 LLM 竞速 → 顺序 ReAct 推理,实现零 API ...
The Akamai SIRT uncovered a custom P2P Trojan masquerading as system activity. Learn how to detect and mitigate this stealthy Go-based cryptominer.
pocx 一个完善的 yaml poc 引擎,poc 定义在wiki中 使用方法参考 example/main.go 未实现 - 部分表达式函数 - toUintString // expression/expr.go - TCP/UDP...
Exploração de Buffer Overflow SEH Overwrite no RGui 3.4.4 Visão Geral do Projeto Este projeto documenta uma análise completa de Engenharia Reversa ...
AI-powered asset discovery, dark web monitoring, CVE alerting, and vulnerability scanning — all in one platform.
