Voidzone
1337 things, infosec stuff, rants and research.
Jul
13

CVE-2022-29885 - Don't Open That Port - A Denial Of Service vulnerability on Apache Tomcat Cluster Service Listener

7 min read
Oct
02

CVE-2021-43136 - FormaLMS - The evil default value that leads to Authentication Bypass

5 min read
Jul
09

SA-CONTRIB-2021-036 - NotSoSAML - Privilege escalation via XML Signature Wrapping on Miniorange Drupal plugin

7 min read
Jan
14

Matrix Synapse 1.12.3 - SSRF and Cache poisoning

6 min read
Dec
14

CVE-2018-20139 - Daikin Emura Series - Arbitrary Remote Control via DNS Rebinding

2 min read