Skip content

Are you looking for?

41 50 162 results

Sort by

Filter by

  • CVE-2021-43444 to 43449: Exploiting ONLYOFFICE Web Sockets for Unauthenticated...

    About 18 months ago, I was conducting a pentest of a document management platform. It was designed with...

    Read more

  • What is Cybersquatting?

    Cybersquatting is the act of registering a domain name which looks similar to a target domain in order...

    Read more

  • How Circle Banned Tornado Cash Users

    Tornado Cash is an open-source, decentralised cryptocurrency mixer. Using zero-knowledge proofs, this mixes identifiable funds with others, obscuring...

    Read more

  • CVE-2021-44076: Cross-Site Scripting (XSS) in CrushFTP

    During the course of our work, Nettitude have identified a stored Cross-Site Scripting (XSS) vulnerability within the CrushFTP...

    Read more

  • Network Relaying Abuse in a Windows Domain

    Network relaying abuse in the context of a legacy Windows authentication protocol is by no means a novel...

    Read more

  • CVE-2022-30211: Windows L2TP VPN Memory Leak and Use after...

    Nettitude discovered a Memory Leak turned Use after Free (UaF) bug in the Microsoft implementation of the L2TP...

    Read more

  • Offensive Security: From OSCE to OSCE3

    OSCE3 (Offensive Security Certified Expert 3) is a certification from Offensive Security which has replaced the (now retired)...

    Read more

  • CVE-2022-24004 & CVE-2022-24127: Vanderbilt REDCap - Stored Cross Site...

    Nettitude identified two stored Cross Site Scripting (XSS) vulnerabilities within Vanderbilt REDCap. These have been assigned CVE-2022-24004...

    Read more

  • CVE-2022-23270 - Windows Server VPN Remote Kernel Use After...

    Following yesterday’s Microsoft VPN vulnerability, today we’re presenting CVE-2022-23270, which is another windows VPN Use after Free (UaF)...

    Read more

  • CVE-2022-21972: Windows Server VPN Remote Kernel Use After Free...

    CVE-2022-21972 is a Windows VPN Use after Free (UaF) vulnerability that was discovered through reverse engineering the raspptp.sys...

    Read more

Error

Error

No results found

No results found that match your query

Loading results