Hacker News new | past | comments | ask | show | jobs | submit | from login

LPE and RCE in OpenSMTPD's default install (CVE-2020-8794) (seclists.org) 1 point by QUFB 3 months ago | past | web Multiple Vulnerabilities Fixed in Git (seclists.org) 2 points by based2 5 months ago | past | web Apache Solr RCE Through VelocityResponseWriter (seclists.org) 1 point by based2 5 months ago | past | web Re: [CVE-2019-14899] Inferring and hijacking VPN-tunneled TCP connections (seclists.org) 2 points by DyslexicAtheist 5 months ago | past | web Inferring and hijacking VPN-tunneled TCP connections (seclists.org) 320 points by jedisct1 6 months ago | past | web | 126 comments CVE-2019-14899 - Inferring and hijacking VPN-tunneled TCP connections (seclists.org) 42 points by tinix 6 months ago | past | web | 4 comments Remote SSH user can force fake screensaver execution through dbus / systemd (seclists.org) 6 points by devhwrng 6 months ago | past | web Full Disclosure: FortiGuard XOR Encryption in Multiple Fortinet Products (seclists.org) 2 points by georgecmu 6 months ago | past | web FortiGuard XOR Encryption in Multiple Fortinet Products (seclists.org) 146 points by andromaton 6 months ago | past | web | 89 comments On Linux, 'less' can probably get you owned (2014) (seclists.org) 2 points by angrygoat 6 months ago | past | web sudo local priviledge escalation (sudo -u#-1) (seclists.org) 3 points by stiray 7 months ago | past | web | 1 comment CVE-2019-14287: UID -1 for sudo (seclists.org) 4 points by ddtaylor 7 months ago | past | web VBulletin 5.x pre-auth 0day dropped anonymously on Full Disclosure (seclists.org) 2 points by mmaunder 8 months ago | past | web | 1 comment VBulletin 5.x 0day RCE (seclists.org) 2 points by jkingsman 8 months ago | past | web | 1 comment NMAP Defcon Release 80 improvements include new NSE scripts/libs and new Npcap (seclists.org) 3 points by guessmyname 9 months ago | past | web Jira Server – Template injection in various resources – CVE-2019-11581 (seclists.org) 1 point by based2 10 months ago | past | web Subversion Security Update (seclists.org) 1 point by based2 10 months ago | past | web Microsoft Windows PowerShell / Unsanitized Filename Command Execution (seclists.org) 2 points by based2 10 months ago | past | web Apache Uno API RCE (seclists.org) 1 point by based2 10 months ago | past | web Linux-distros membership application – Microsoft (seclists.org) 4 points by kings_way 11 months ago | past | web | 1 comment AMD-SEV: Platform DH key recovery via invalid curve attack (CVE-2019-9836) (seclists.org) 2 points by film42 11 months ago | past | web | 1 comment Exim 4.87 to 4.91: possible remote exploit (seclists.org) 3 points by avian 12 months ago | past | web Docker is vulnerable to a symlink-race attack (seclists.org) 203 points by eyberg on May 28, 2019 | past | web | 79 comments Windows PowerShell ISE / Filename Parsing Flaw Remote Code Execution 0day (seclists.org) 2 points by based2 on May 4, 2019 | past | web “GRO packet of death” issue in the Linux kernel (seclists.org) 2 points by conductor on May 3, 2019 | past | web Systemd (PID1) crash with specially crafted D-Bus message (seclists.org) 66 points by dijit on Mar 19, 2019 | past | web | 28 comments CVE-2019-6454: Systemd (PID1) Crash with Specially Crafted D-Bus Message (seclists.org) 4 points by Jerry2 on Feb 20, 2019 | past | web CVE-2019-5736: runc container breakout (seclists.org) 240 points by afshinmeh on Feb 11, 2019 | past | web | 95 comments System Down: A systemd-journald exploit (seclists.org) 1 point by tjRonnh on Jan 10, 2019 | past | web System Down: A systemd-journald exploit (seclists.org) 2 points by badrabbit on Jan 10, 2019 | past | web More

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact Search: