Tootfinder

Opt-in global Mastodon full text search. Join the index!

@adulau@infosec.exchange
2025-06-16 04:55:17

CVE-2011-10007 was actually published on
2025-06-05.
🔗 Vulnerability details vulnerability.circl.lu/vuln/CV
🔗 Details

File
in("/tmp/poc")' uid=1000(user) gid=1000(user) groups=10…" target="_blank">in("/tmp/poc")' uid=1000(user) gid=1000(user) groups=10…" onerror="this.style.display='none'" class="media" >

cvelistv5 - CVE-2011-10007
Vulnerability-Lookup - Fast vulnerability lookup correlation from different sources.

@juandesant@astrodon.social
2025-06-06 21:22:40

Combined Public Service Announcement and Today I Learned: if you have `CLICOLOR=1` on macOS, if you do an `ls` of a directory which is inside iCloud Drive, evicted files (i.e., those that cannot be immediately used, but need to be downloaded first from iCloud) show with a grey background… see below:
First, both files are in iCloud, but not locally available. They have a dotted cloud icons in the iCloud Status field of the Finder window, and a greyed background in the output of the `ls` …

A Finder window showing a Folder named "CLICOLOR_Test" with two files: a PDF called "cssday.pdf", and a PNG file with a name that starts with "Screenshot-2025-" and ends with "17.08.34.png". The iCloud Status icon shows a cloud with a down arrow, indicando that it is not currently downloaded.
Screenshot of Terminal.app showing the command `ls -ln` run on the CLICOLOR_Test folder, and showing both files with a gray background in their filename.
Another screenshot of the CLICOLOR_Test folder, now with cssday.pdf showing a down-arrow circle (representing that the file will be kept downloaded), which means it is undoubtedly locally available.
Screenshot of Terminal.app showing the command `ls -ln` run on the CLICOLOR_Test folder, but this time the `cssday.pdf` file shows a white background, while the screenshot file still sports a gray background behind their filename.
@michabbb@social.vivaldi.net
2025-05-29 19:32:54

#5 🧾 Validate file uploads with proper size, type and filename sanitization
🍪 Configure secure cookie settings with httpOnly and sameSite attributes
📈 Implement rate limiting to prevent brute force and #DDoS attacks