2. Ruby Array Pack Bleed – Impacts Ruby 1.6.7 to 4.0.0 (nastystereo.com) | 9 | pentestercrab | 2mo ago | 0
3. Inline Style Exfiltration: leaking data with chained CSS conditionals (portswigger.net) | 1 | pentestercrab | 7mo ago | 0
4. Marshal madness: A brief history of Ruby deserialization exploits (blog.trailofbits.com) | 25 | pentestercrab | 7mo ago | 4
5. Breaking the Sorting Barrier for Directed Single-Source Shortest Paths (arxiv.org) | 99 | pentestercrab | 7mo ago | 3
6. New Method to Leverage Unsafe Reflection and Deserialisation to RCE on Rails (elttam.com) | 1 | pentestercrab | 1y ago | 0
9. RubyGem's Gem:SafeMarshal buffer overrun with length larger than fit into a byte (github.com) | 1 | pentestercrab | 1y ago | 0
10. CORS Vulnerabilities in Go: Vulnerable Patterns and Lessons (pentesterlab.com) | 1 | pentestercrab | 1y ago | 0
11. Shiny Vulnerabilities in R's Most Popular Web Framework (nastystereo.com) | 1 | pentestercrab | 1y ago | 0
12. PentesterLab: Web Hacking and Security Code Review 600 exercises and 700 videos (pentesterlab.com) | 1 | pentestercrab | 1y ago | 0
13. Cross-Site Post Requests Without a Content-Type Header – CSRF Attack (nastystereo.com) | 2 | pentestercrab | 1y ago | 0
14. Execute commands by sending JSON? Ruby deserialization vulnerabilities (github.blog) | 2 | pentestercrab | 1y ago | 0
15. JWT Libraries Block Algorithm Confusion: Key Lessons for Code Review (pentesterlab.com) | 3 | pentestercrab | 1y ago | 0