正在加载视频...

视频加载失败

返回首页

CVE-2023-22518 - Improper Authorization Vulnerability In Confluence Data Center and Server Don’t use and never use this vulnerability lightly,because it is a master of data cleaning

shimizukawasak's profile picture

ShimizuKawasaki

1,169 subscribers

97,358 次观看 • 2 年前 •via X (Twitter)

LIVE

Anya Rossi• Live Now

Private livecam show

5 条评论

CorSch 的头像
CorSch2 年前

Is this the "delete only" vulnerability? Looks like RCE to me.

ShimizuKawasaki 的头像
ShimizuKawasaki2 年前

clean before and install some plugins to rce

Debug 的头像
Debug2 年前

Nice work

Sem Jansen 的头像
Sem Jansen2 年前

Is there any way to get poc?

뚱이예요 的头像
뚱이예요2 年前

Can I get a poc for study purposes? I beg you.

相关视频

CVE-2023-23397 Simple and dirty PoC of the CVE-2023-23397 vulnerability impacting the Outlook thick client. #CVE #cybersecurity #infosec
0:42

CVE-2023-23397 Simple and dirty PoC of the CVE-2023-23397 vulnerability impacting the Outlook thick client. #CVE #cybersecurity #infosec

HackGit

76,809 次观看 • 3 年前

"A Vulnerability to Hack The World" - CVE-2023-4863 The start of a mini series digging into the recent WebP vulnerability. In this first episode, we explore huffman tables!
17:59

"A Vulnerability to Hack The World" - CVE-2023-4863 The start of a mini series digging into the recent WebP vulnerability. In this first episode, we explore huffman tables!

LiveOverflow 🔴

44,772 次观看 • 2 年前

CVE-2023-23397 Exploiting CVE-2023-23397: Microsoft Outlook Elevation of Privilege Vulnerability. Details: #infosec #CyberSecurity #Pentesting #redteam
0:56

CVE-2023-23397 Exploiting CVE-2023-23397: Microsoft Outlook Elevation of Privilege Vulnerability. Details: #infosec #CyberSecurity #Pentesting #redteam

HackGit

39,726 次观看 • 3 年前

Exfiltrate #WhatsApp chat, or internal data of any Android app, running on Android 12 or 13 by exploiting CVE-2024-0044 vulnerability
1:47

Exfiltrate #WhatsApp chat, or internal data of any Android app, running on Android 12 or 13 by exploiting CVE-2024-0044 vulnerability

Mobile Hacker

135,250 次观看 • 2 年前

Never use a persons vulnerability as a weapon during their time of weakness
1:23

Never use a persons vulnerability as a weapon during their time of weakness

Inky Johnson

172,600 次观看 • 2 年前

Data Center will use a lot of water, Listen!
0:50

Data Center will use a lot of water, Listen!

Johnny Midnight ⚡️

11,715 次观看 • 23 天前

The CertiK Skyfall team identified and collaborated with Apple to fix a vulnerability (CVE-2024-27801) in the low-level implementation of NSXPC, affecting all Apple platforms. This vulnerability could have potentially allowed malicious apps to gain unauthorized access to system services or steal user data from certain third-party applications, particularly those with architectures similar to Telegram. Our proof-of-concept attack demonstrated how a malicious app could steal chat history (such as pictures) from Telegram and transfer it to a remote server. Upgrade all your Apple devices and stay safe! Source:
1:09

The CertiK Skyfall team identified and collaborated with Apple to fix a vulnerability (CVE-2024-27801) in the low-level implementation of NSXPC, affecting all Apple platforms. This vulnerability could have potentially allowed malicious apps to gain unauthorized access to system services or steal user data from certain third-party applications, particularly those with architectures similar to Telegram. Our proof-of-concept attack demonstrated how a malicious app could steal chat history (such as pictures) from Telegram and transfer it to a remote server. Upgrade all your Apple devices and stay safe! Source:

CertiK

341,467 次观看 • 2 年前

In this video walkthrough, we break down the basic info of CVE-2023-23397 the zero-day, zero-touch vulnerability that was rated 9.8 on the #CVSS scale. Follow this thread as we detail the general exploitation routine of this #vulnerability.
0:53

In this video walkthrough, we break down the basic info of CVE-2023-23397 the zero-day, zero-touch vulnerability that was rated 9.8 on the #CVSS scale. Follow this thread as we detail the general exploitation routine of this #vulnerability.

Trend Micro Research

200,099 次观看 • 3 年前

Think of data as a lighthouse: once it’s there, everyone can use it, and your use doesn’t diminish mine. That’s why we don’t leave lighthouse-building to the market — and why government collects & shares economic data.
1:01

Think of data as a lighthouse: once it’s there, everyone can use it, and your use doesn’t diminish mine. That’s why we don’t leave lighthouse-building to the market — and why government collects & shares economic data.

Justin Wolfers

31,531 次观看 • 9 个月前

Demo of using #BlueDucky to exploit 0-click Bluetooth vulnerability of targeted Android smartphone (CVE-2023-45866) Executed by Raspberry Pi 4 and Android running #NetHunter
0:46

Demo of using #BlueDucky to exploit 0-click Bluetooth vulnerability of targeted Android smartphone (CVE-2023-45866) Executed by Raspberry Pi 4 and Android running #NetHunter

Mobile Hacker

129,612 次观看 • 2 年前

Here is ENLBufferPwn (CVE ID pending), a severe vulnerability in many first party 3DS, Wii U and Switch games. It allows remote code execution in a victim console by just having an online game session with an attacker. Vulnerability report: 🧵(1/7)
0:27

Here is ENLBufferPwn (CVE ID pending), a severe vulnerability in many first party 3DS, Wii U and Switch games. It allows remote code execution in a victim console by just having an online game session with an attacker. Vulnerability report: 🧵(1/7)

PabloMK7

590,742 次观看 • 3 年前

🚨CVE-2023-20198: Remote Code Execution via File Upload Vulnerability | $15,000 Bounty | PoC Credit:
3:26

🚨CVE-2023-20198: Remote Code Execution via File Upload Vulnerability | $15,000 Bounty | PoC Credit:

Dark Web Informer

22,486 次观看 • 1 年前

Streaming data from server to client with "use" in Next.js
0:53

Streaming data from server to client with "use" in Next.js

Alex Sidorenko

36,533 次观看 • 1 年前

CVE-2024-34470: Path Traversal vulnerability in HSC Mailinspector Credit:
0:59

CVE-2024-34470: Path Traversal vulnerability in HSC Mailinspector Credit:

Dark Web Informer - Cyber Threat Intelligence

20,351 次观看 • 1 年前

How much water do data centres really use in the UK? Sky's technology correspondent Rowland Manthorpe visits a "waterless" data centre in London and reveals how much water data centres use in the UK and why the issue is more complicated than it first appears. 🔗Full report:
1:33

How much water do data centres really use in the UK? Sky's technology correspondent Rowland Manthorpe visits a "waterless" data centre in London and reveals how much water data centres use in the UK and why the issue is more complicated than it first appears. 🔗Full report:

Sky News

39,124 次观看 • 3 天前

Texas is going from 40 Data Centers to over 400 in the next 2 years - Texas could use 30% of US data center power demand by 2028 - By 2030 the Texas data centers could use 161 billion gallons of water per year - The 400 data centers will use the equivalent of 9 million homes in energy usage every year I don’t want to EVER hear the words climate change ever again
0:39

Texas is going from 40 Data Centers to over 400 in the next 2 years - Texas could use 30% of US data center power demand by 2028 - By 2030 the Texas data centers could use 161 billion gallons of water per year - The 400 data centers will use the equivalent of 9 million homes in energy usage every year I don’t want to EVER hear the words climate change ever again

Wall Street Apes

156,125 次观看 • 24 天前

Do you use a virtual machine to browse dangerous links safely? If you use the Chrome browser inside that virtual machine, is it secure enough? As you might have guessed, the answer is not so much. We chained six unique CVEs from 2023 listed below. • Chrome Renderer RCE : CVE-2023-3079 • Chrome Sandbox Escape : CVE-2023-21674 • LPE in guest OS : CVE-2023-29360 • VMware Info Leak : CVE-2023-34044 • VMware Escape : CVE-2023-20869 • LPE in host OS : CVE-2023-36802
0:34

Do you use a virtual machine to browse dangerous links safely? If you use the Chrome browser inside that virtual machine, is it secure enough? As you might have guessed, the answer is not so much. We chained six unique CVEs from 2023 listed below. • Chrome Renderer RCE : CVE-2023-3079 • Chrome Sandbox Escape : CVE-2023-21674 • LPE in guest OS : CVE-2023-29360 • VMware Info Leak : CVE-2023-34044 • VMware Escape : CVE-2023-20869 • LPE in host OS : CVE-2023-36802

Theori

139,515 次观看 • 2 年前

🚨CVE-2025-31161: Authentication Bypass Vulnerability in CrushFTP Credit: Exploit:
8:14

🚨CVE-2025-31161: Authentication Bypass Vulnerability in CrushFTP Credit: Exploit:

Dark Web Informer

36,563 次观看 • 1 年前

“Facts don’t really matter for the de-growth mob.” — The Washington Post’s James Hohmann The anti–data center hysteria around water was built on a bogus stat about a data center’s water consumption in Chile that was off by a factor of 1,000. All U.S. data centers use less than 0.5% of America’s freshwater. The war on data centers is built on junk math and is funded by China and foreign billionaires!
1:28

“Facts don’t really matter for the de-growth mob.” — The Washington Post’s James Hohmann The anti–data center hysteria around water was built on a bogus stat about a data center’s water consumption in Chile that was off by a factor of 1,000. All U.S. data centers use less than 0.5% of America’s freshwater. The war on data centers is built on junk math and is funded by China and foreign billionaires!

Steve Guest

27,649 次观看 • 20 天前

"We Do Not Need This Many Data Centers- The Chips They Use Are Outdated Within 3 Years!" Journalist & Activist Tiffany Cianci Exposes The Data Center Bubble That China Is Avoiding! "The Future Of Compute Will Not Be In Data Centers, And China Knows It! 🚨WATCH/SHARE THE LIVE X STREAM:
9:45

"We Do Not Need This Many Data Centers- The Chips They Use Are Outdated Within 3 Years!" Journalist & Activist Tiffany Cianci Exposes The Data Center Bubble That China Is Avoiding! "The Future Of Compute Will Not Be In Data Centers, And China Knows It! 🚨WATCH/SHARE THE LIVE X STREAM:

Alex Jones

130,846 次观看 • 9 天前