#Tag · bonfire.cafe

Hacker News

No Leak, No Problem – Bypassing ASLR with a ROP Chain to Gain RCE

https://modzero.com/en/blog/no-leak-no-problem/

#HackerNews #NoLeakNoProblem #ROPChain #RCE #SecurityResearch #ASLR #Exploit

No Leak, No Problem - Bypassing ASLR with a ROP Chain to Gain RCE

content

jbz boosted

jbz

@jbz@indieweb.social · 4 days ago

🪤 TARmageddon (CVE-2025-62518): RCE Vulnerability Highlights the Challenges of Open Source Abandonware

｢ In the worst-case scenario, this vulnerability has a severity of 8.1 (High) and can lead to Remote Code Execution (RCE) through file overwriting attacks, such as replacing configuration files or hijacking build backends ｣

https://edera.dev/stories/tarmageddon

#TARmageddon #CVE202562518 #rust #rce #cybersecurity

jbz

@jbz@indieweb.social · 4 days ago

🪤 TARmageddon (CVE-2025-62518): RCE Vulnerability Highlights the Challenges of Open Source Abandonware

https://edera.dev/stories/tarmageddon

#TARmageddon #CVE202562518 #rust #rce #cybersecurity

Matt "msw" Wilson

@msw@mstdn.social · 4 months ago

"SUSE Multi-Linux Manager provides automated patching, content lifecycle management, and realtime monitoring to keep your mixed Linux environment secure"

#CVE #RCE #InfoSec

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-46811

Stefano Marinelli boosted

Peter N. M. Hansteen

@pitrh@mastodon.social · 4 months ago

For our MSFT-aligned friends in particular,

Happy POST /_layouts/15/ToolPane.aspx?DisplayMode=Edit day to all who celebrate!

https://www.cisa.gov/news-events/alerts/2025/07/20/microsoft-releases-guidance-exploitation-sharepoint-vulnerability-cve-2025-53770 #sharepoint #bugs #msft #post #rce

Peter N. M. Hansteen

@pitrh@mastodon.social · 4 months ago

For our MSFT-aligned friends in particular,

Happy POST /_layouts/15/ToolPane.aspx?DisplayMode=Edit day to all who celebrate!

https://www.cisa.gov/news-events/alerts/2025/07/20/microsoft-releases-guidance-exploitation-sharepoint-vulnerability-cve-2025-53770 #sharepoint #bugs #msft #post #rce

maco and 1 other boosted

David Leadbeater

@dgl@infosec.exchange · 4 months ago

I found a vulnerability in git. CVE-2025-48384: Breaking git with a carriage return and cloning RCE - https://dgl.cx/2025/07/git-clone-submodule-cve-2025-48384

As the post explains this is one of my favourite classes of vulnerability, using characters that are old and sometimes forgotten.

#git #security #rce #ascii

David Leadbeater

@dgl@infosec.exchange · 4 months ago

I found a vulnerability in git. CVE-2025-48384: Breaking git with a carriage return and cloning RCE - https://dgl.cx/2025/07/git-clone-submodule-cve-2025-48384

As the post explains this is one of my favourite classes of vulnerability, using characters that are old and sometimes forgotten.

#git #security #rce #ascii