DEV Community

# vulnerability

Posts

👋 Sign in for the ability to sort posts by relevant, latest, or top.
Beware of Spring Boot Actuator Endpoint env: A Security Alert

Beware of Spring Boot Actuator Endpoint env: A Security Alert

1
Comments
3 min read
OWASP Broken Access Control Vulnerabilities

OWASP Broken Access Control Vulnerabilities

Comments
4 min read
Server side (vulnerability scanning)

Server side (vulnerability scanning)

6
Comments 1
10 min read
Patch your servers! It's time of regreSSHion

Patch your servers! It's time of regreSSHion

2
Comments
1 min read
buffer Overflow (Application Vulnerability)

buffer Overflow (Application Vulnerability)

4
Comments
3 min read
Unveiling the XZ Backdoor: A Deep Dive into the Shocking Supply Chain Attack

Unveiling the XZ Backdoor: A Deep Dive into the Shocking Supply Chain Attack

6
Comments 1
3 min read
Understanding Cross-Site Scripting (XSS)

Understanding Cross-Site Scripting (XSS)

5
Comments
4 min read
Death to the invincible engineer

Death to the invincible engineer

62
Comments 6
7 min read
Insecure Direct Object Reference (IDOR) vulnerability types

Insecure Direct Object Reference (IDOR) vulnerability types

Comments
3 min read
Rational Shift-Left Security for Developers

Rational Shift-Left Security for Developers

2
Comments 1
7 min read
10 Best Vulnerability Scanner Tools For Penetration Testing

10 Best Vulnerability Scanner Tools For Penetration Testing

2
Comments 1
4 min read
sudoedit (`sudo -e`) security flaw (CVE-2023-22809)

sudoedit (`sudo -e`) security flaw (CVE-2023-22809)

4
Comments 7
1 min read
sudoedit (`sudo -e`) に係る脆弱性 (CVE-2023-22809)

sudoedit (`sudo -e`) に係る脆弱性 (CVE-2023-22809)

2
Comments
1 min read
Top websites for website vulnerability checks online

Top websites for website vulnerability checks online

3
Comments
2 min read
Apache Commons Text RCE Vulnerability Analysis - CVE-2022-42889

Apache Commons Text RCE Vulnerability Analysis - CVE-2022-42889

5
Comments
3 min read
Sekurak MSHP CTF Summary - Part 1

Sekurak MSHP CTF Summary - Part 1

2
Comments
3 min read
How I found an S3 vulnerability in a $85 million funded startup and reported it ethically

How I found an S3 vulnerability in a $85 million funded startup and reported it ethically

1
Comments
4 min read
Forging GraphQL Bombs, the 2022 version of Zip Bombs

Forging GraphQL Bombs, the 2022 version of Zip Bombs

47
Comments 2
4 min read
Reconmap 1.1.0 release notes

Reconmap 1.1.0 release notes

5
Comments
2 min read
Finding a Stack Buffer Overflow

Finding a Stack Buffer Overflow

5
Comments
7 min read
What a Jar of Buttons Is Teaching Me About Trust

What a Jar of Buttons Is Teaching Me About Trust

10
Comments 2
5 min read
A new RCE vulnerability on Log4j 2.17.0 (CVE-2021-4483)

A new RCE vulnerability on Log4j 2.17.0 (CVE-2021-4483)

3
Comments
1 min read
Log4j 2.17.0 に関わる新たな RCE 脆弱性 (CVE-2021-4483)

Log4j 2.17.0 に関わる新たな RCE 脆弱性 (CVE-2021-4483)

3
Comments
1 min read
What is Log4j Vulnerability and how dangerous is it

What is Log4j Vulnerability and how dangerous is it

2
Comments
3 min read
Log4j 2: New vulnerability on DoS in 2.16.0 and below

Log4j 2: New vulnerability on DoS in 2.16.0 and below

9
Comments 3
1 min read
Log4j 2: DoS に関わる新たな脆弱性 (2.16.0 とそれ以前のバージョン)

Log4j 2: DoS に関わる新たな脆弱性 (2.16.0 とそれ以前のバージョン)

3
Comments
1 min read
log4shell の JAR 検査ツール

log4shell の JAR 検査ツール

3
Comments
1 min read
New Log4j vulnerability was found in 2.15.0 which is less dangerous

New Log4j vulnerability was found in 2.15.0 which is less dangerous

4
Comments
2 min read
About Apache Log4j RCE vulnerability (CVE-2021-44228)

About Apache Log4j RCE vulnerability (CVE-2021-44228)

6
Comments 1
1 min read
Apache Log4j RCE 脆弱性 (CVE-2021-44228) に関して

Apache Log4j RCE 脆弱性 (CVE-2021-44228) に関して

3
Comments
1 min read
Apache Log4j RCE vulnerability (CVE-2021-44228): Attack trials detected

Apache Log4j RCE vulnerability (CVE-2021-44228): Attack trials detected

3
Comments
1 min read
Apache Log4j RCE 脆弱性 (CVE-2021-44228): 攻撃試行を検出

Apache Log4j RCE 脆弱性 (CVE-2021-44228): 攻撃試行を検出

3
Comments
1 min read
Evolving Threat series — Infiltrating NPM’s Supply Chain (UA-Parser-js)

Evolving Threat series — Infiltrating NPM’s Supply Chain (UA-Parser-js)

3
Comments
4 min read
Mitigating the 0-day Apache path traversal vulnerability

Mitigating the 0-day Apache path traversal vulnerability

6
Comments
4 min read
Blind XPath Injections: The Path Less Travelled

Blind XPath Injections: The Path Less Travelled

22
Comments
5 min read
Be Openly Confused

Be Openly Confused

4
Comments
1 min read
14 Software Security Terms You Should Know

14 Software Security Terms You Should Know

7
Comments
3 min read
Security Benchmarking at 1300 °C

Security Benchmarking at 1300 °C

5
Comments
5 min read
Generating pentest reports with Reconmap

Generating pentest reports with Reconmap

6
Comments
3 min read
To improve good security practices

To improve good security practices

7
Comments
1 min read
Hacking the antivirus: BitDefender remote code execution vulnerability

Hacking the antivirus: BitDefender remote code execution vulnerability

4
Comments 2
4 min read
A simple way to hack C/C++ application

A simple way to hack C/C++ application

14
Comments
3 min read
Simple Tool for Testing CVE Mitigation in Web Apps

Simple Tool for Testing CVE Mitigation in Web Apps

9
Comments 1
4 min read
RCE in Mattermost Desktop earlier than 4.2.0

RCE in Mattermost Desktop earlier than 4.2.0

6
Comments
3 min read
XSS in Ghost

XSS in Ghost

71
Comments 12
9 min read
A Dive into Ruby CVE-2017-17405: Identifying a Vulnerability in Ruby’s FTP Implementation

A Dive into Ruby CVE-2017-17405: Identifying a Vulnerability in Ruby’s FTP Implementation

7
Comments
6 min read
Attention! New .NET Vulnerabilities

Attention! New .NET Vulnerabilities

6
Comments
5 min read
Vulnerability Focus: PHP

Vulnerability Focus: PHP

10
Comments
5 min read
Cross-site scripting Attack Tutorial

Cross-site scripting Attack Tutorial

41
Comments 1
1 min read
How to update NPM Module for vulnerability

How to update NPM Module for vulnerability

6
Comments
1 min read
Type Manipulation Vulnerabilities

Type Manipulation Vulnerabilities

26
Comments
4 min read
loading...