上一篇《k8s安全攻防 -- etcd篇》中,我们介绍了etcd组件未授权带来的集群失陷风险,介绍了etcd的渗透攻击手法,本篇我们继续介绍核心组件 API Server 和 Kubelet API ...
2022-05微软漏洞通告
点击蓝字 关注我们微软官方发布了2022年05月的安全更新。本月更新公布了75个漏洞,包含26个远程执行代码漏洞、21个特权提升漏洞、17个信息泄露漏洞、6个拒绝服务漏洞、4个功能绕过以及1个身份假冒...
Redis主从、哨兵、 Cluster集群一锅端!
来自公众号:捡田螺的小男孩前言大家好,我是捡田螺的小男孩。今天跟小伙伴们一起学习Redis的主从、哨兵、Redis Cluster集群。Redis主从Redis哨兵Redis Cluster集群1. ...
vmware-tanzu社区版的安装(一)
工作需要,本周安装了vmware-tanzu社区版,记录如下,all in one,ubuntu20.04,sudo apt update,sudo apt dist-upgrade,安装docker...
基于Binary Ninja的静态污点分析:以MySQL Cluster漏洞为例(上)
污点分析是一种挖掘安全漏洞的有效手段,即使对于大型代码库,也是如此。我的同事Lucas Leong最近演示了如何使用Clang Static Analyzer和CodeQL,通过污点分析来建模和查找M...
Category-964: SFP Secondary Cluster: Exposure Temporary File
Category-964: SFP Secondary Cluster: Exposure Temporary File ID: 964 Status: Incomplete Summary This...
Category-953: SFP Secondary Cluster: Missing Endpoint Authentication
Category-953: SFP Secondary Cluster: Missing Endpoint Authentication ID: 953 Status: Incomplete Summ...
Category-906: SFP Primary Cluster: UI
Category-906: SFP Primary Cluster: UI ID: 906 Status: Incomplete Summary This category identifies So...
Category-903: SFP Primary Cluster: Cryptography
Category-903: SFP Primary Cluster: Cryptography ID: 903 Status: Incomplete Summary This category ide...
Category-899: SFP Primary Cluster: Access Control
Category-899: SFP Primary Cluster: Access Control ID: 899 Status: Incomplete Summary This category i...
Category-896: SFP Primary Cluster: Tainted Input
Category-896: SFP Primary Cluster: Tainted Input ID: 896 Status: Incomplete Summary This category id...
Category-893: SFP Primary Cluster: Path Resolution
Category-893: SFP Primary Cluster: Path Resolution ID: 893 Status: Incomplete Summary This category ...
5