Hazard Lab @thehazardlab - Twitter Profile

6 months ago

CVE-2025-9959: smolagents Python Sandbox Escape https://t.co/SXF1s3SNJG Python sandbox implementations often focus on blocking dangerous attribute access patterns like `obj.__class__` but forget that the same introspection is achievable through method invocation. #python #cve

thehazardlab's tweet photo. CVE-2025-9959: smolagents Python Sandbox Escape
https://t.co/SXF1s3SNJG

Python sandbox implementations often focus on blocking dangerous attribute access patterns like `obj.__class__` but forget that the same introspection is achievable through method invocation.

#python #cve https://t.co/5PPFTEg1fe

0

7

3

1

1K

thehazardlab retweeted

Vulmon Vulnerability Feed @VulmonFeeds

over 2 years ago

CVE-2024-23780 CVE-2024-23780 Exploit for Netbox This script exploits CVE-2024-23780, which allows remote code execution (RCE) on Netbox instances. Usage python netbox_exploit.py --url --username --password https://t.co/NfcfsJmnHF

0

6

2

0

823

thehazardlab retweeted

Hazard Researchers @hazardres

over 2 years ago

Unveiling CVE-2024-23780: Explore the Impact and Implications on NetBox's Security Landscape. https://t.co/U7nFJQxYxs POC: https://t.co/DrfaJOf5OJ Fofa: https://t.co/rE3WlOlOYD #netbox #security #network #devops #infrastructure #cve #exploit

hazardres's tweet photo. Unveiling CVE-2024-23780: Explore the Impact and Implications on NetBox's Security Landscape.
https://t.co/U7nFJQxYxs

POC: https://t.co/DrfaJOf5OJ

Fofa: https://t.co/rE3WlOlOYD

#netbox #security #network #devops #infrastructure #cve #exploit https://t.co/oO1lCvU77q

0

10

3

0

786

thehazardlab retweeted

Hazard Researchers @hazardres

over 2 years ago

#CVE-2023-50438 Manageengine AdAudit Plus #RCE

0

9

2

0

268

thehazardlab retweeted

Hazard Researchers @hazardres

over 2 years ago

Hazard Lab delves into the intricate vulnerabilities of ManageEngine ADAudit Plus with their comprehensive exploration of CVE-2023-50438. https://t.co/lY817RDAxT #adaudit #manageengine #activedirectory #cve #vulnerability #asm

hazardres's tweet photo. Hazard Lab delves into the intricate vulnerabilities of ManageEngine ADAudit Plus with their comprehensive exploration of CVE-2023-50438.

https://t.co/lY817RDAxT

#adaudit #manageengine #activedirectory #cve #vulnerability #asm https://t.co/Wd4XWED82Y

0

10

4

1

562

thehazardlab retweeted

DEFION Research Labs @defionlabs

almost 2 years ago

We've published our writeup of CVE-2024-20693, a vulnerability in Windows that allowed spoofing the code signature of binaries by placing them on an SMB share. This research originally was about something different, but we ran into a signature check... https://t.co/NXpMN4DNQz

defionlabs's tweet photo. We've published our writeup of CVE-2024-20693, a vulnerability in Windows that allowed spoofing the code signature of binaries by placing them on an SMB share. This research originally was about something different, but we ran into a signature check...

https://t.co/NXpMN4DNQz https://t.co/jhVoCPiVRO

5

282

86

99

41K

thehazardlab retweeted

DEVCORE @d3vc0r3

about 2 years ago

📣 PHP 最新發布的安全更新，修補由 DEVCORE 回報的重大 RCE 零時差漏洞 CVE-2024-4577。漏洞影響範圍包含 Windows 作業系統上繁體中文、簡體中文、日文三個語系的所有 PHP 版本。請相關使用者儘速參考 PHP 官方及 DEVCORE Blog 檢查及更新。 https://t.co/TVqn3SEBM5

0

100

33

18

12K