Changes

From Security Weekly Wiki
Jump to navigationJump to search
no edit summary
#[https://www.securityweek.com/serious-vulnerability-github-enterprise-earns-researcher-20000 Serious Vulnerability in GitHub Enterprise Earns Researcher $20,000 | SecurityWeek.Com]
#[https://www.securityweek.com/security-testing-company-nss-labs-ceases-operations Security Testing Company NSS Labs Ceases Operations | SecurityWeek.Com]
#[https://www.exploitalert.com/view-details.html?id=36339 Apache Struts 2 Remote Code Execution - Exploitalert]- Was this post showing an example of a live target! https://seclists.org/fulldisclosure/2013/Oct/96
#[https://securityaffairs.co/wordpress/109816/hacking/cisco-cve-2020-3118-flaw-attacks.html Hackers are targeting CVE-2020-3118 flaw in Cisco devices]
#[https://latesthackingnews.com/2020/10/21/multiple-vulnerabilities-in-discord-desktop-app-could-allow-rce-attacks/ Multiple Vulnerabilities In Discord Desktop App Could Allow RCE Attacks] - ''If the contextIsolation is disabled, a web page’s JavaScript can affect the execution of the Electron’s internal JavaScript code on the renderer, and preload scripts… This behavior is dangerous because Electron allows the JavaScript code outside web pages to use the Node.js features regardless the nodeIntegration option and by interfering with them from the function overridden in the web page, it could be possible to achieve RCE even if the nodeIntegration is set to false.''
7,886

edits

Navigation menu