Monday , May 10 2021 2:01 AM
Home / Tag Archives: execution

Tag Archives: execution

GitLab Patches Command Execution Vulnerability

Developers with GitLab this week fixed a critical vulnerability in the open source repository management software that could have led to command execution and allowed an authenticated user to gain access to sensitive application files, tokens, or secrets. HackerOne cofounder Jobert Abma unearthed the vulnerability last week and reported it …

Read More »

Avast Antivirus: X.509 Error Rendering Command Execution

Avast will render the commonName of X.509 certificates into an HTMLLayout frame when your MITM proxy detects a bad signature. Unbelievably, this means CN="<h1>really?!?!?</h1>" actually works, and is pretty simple to convert into remote code execution. To verify this bug, I've attached a demo certificate for you. Please find attached …

Read More »