Vulnerability Root-Cause Analysis on Linux
A walk-through of conducting a root-cause analysis on a Linux program vulnerability using debugging tools to trace a crash from FFmpeg back to corrupted EXIF metadata and invalid frees
https://2ourc3.com/posts/rca/
#vulnerabilityanalysis
Vulnerability root-cause analysis on Linux
Introduction As you may know: finding bugs is one of the greatest things in life — but once you finally obtain the precious memory corruption you were praying for, you still need to actually understand it.
In this article we’ll explore how to conduct a root-cause analysis of a vulnerability in a Linux open-source program that we compiled ourselves. That matters because it lets us disable stripping and enable debug symbols, which makes the investigation dramatically easier.
Automating Android App Component Testing with New APK Inspector
If improperly secured, exported components become easy entry points for attackers to execute arbitrary code, access sensitive data, or manipulate the app’s behavior.
A single overlooked input in CentOS Web Panel turned into a full-blown takeover—attackers hacked servers with no password needed. How did one bug spark such a cybersecurity uproar? Read on to get the inside scoop.
https://thedefendopsdiaries.com/centos-web-panel-vulnerability-cve-2025-48703-technical-analysis-and-lessons-for-cybersecurity/
#centoswebpanel
#cve202548703
#vulnerabilityanalysis
#cybersecurity
#patchmanagement
CentOS Web Panel Vulnerability (CVE-2025-48703): Technical Analysis and Lessons for Cybersecurity
Explore the technical details and cybersecurity lessons from the CentOS Web Panel CVE-2025-48703 vulnerability and its rapid exploitation.
CVE-2024–23897 – Arbitrary file read in Jenkins
Overview CVE-2024–23897 is a critical vulnerability discovered in Jenkins, with a high CVSS score of 9.8. This vulnerability allows the attacker to read files in the […]
CVE-2024–23897 – Arbitrary file read in Jenkins
Overview CVE-2024–23897 is a critical vulnerability discovered in Jenkins, with a high CVSS score of 9.8. This vulnerability allows the attacker to read files in the […]
90 days, 16 bugs, and an Azure Sphere Challenge
A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group
Vulnerability Spotlight: Information disclosure vulnerability in Microsoft Media Foundation
A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group
Vulnerability Spotlight: Information disclosure in Windows 10 Kernel
A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group
Vulnerability Spotlight: Use-after-free vulnerability in Windows 10 win32kbase
A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group
Vulnerability Spotlight: Code execution vulnerability in Microsoft Media Foundation
A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group
kriware 
benzogaga33 
The DefendOps Diaries
Alexandre Borges
Alexandre Borges
ITSEC News