#Vulnerabilities
8 posts
- explanation: SQL Injection Explained — How It Works, Common Attack Techniques, and Defenses
SQL injection (SQLi) is a long-standing vulnerability where user input is concatenated directly into SQL statements, let...
- explanation: CSRF Explained — How Cross-Site Request Forgery Works and How to Defend Against It
CSRF (Cross-Site Request Forgery) is a vulnerability where the victim, while logged in to a target site, is tricked by a...
- explanation: LFI/RFI Explained — How Local/Remote File Inclusion Works, Attack Techniques, and Defenses
LFI (Local File Inclusion) and RFI (Remote File Inclusion) occur when a web application takes a filename or URL from use...
- explanation: SSRF Explained — How Server-Side Request Forgery Works, Attack Techniques, and Defenses
SSRF (Server-Side Request Forgery) is a vulnerability where the web application's server fetches an attacker-supplied UR...
- explanation: XSS Explained — How Cross-Site Scripting Works and How to Defend Against It
Cross-site scripting (XSS) injects malicious script into a web application so that it runs inside another user's browser...
- news: May 2026 Priority Patch Roundup: Palo Alto Attacks Confirmed, GUARDIANWALL Also at Advisory Level
A roundup of the May 2026 vulnerability rush. For Palo Alto PAN-OS, Palo Alto itself has confirmed limited attacks; GUARDIANWALL MailSuite is J...
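- news: Cleartext Transmission Vulnerability in "あんしんフィルター for au": The Irony of a Child-Protection App Leaking Information
The Android app "あんしんフィルター for au", provided by KDDI, has a vulnerability involving cleartext transmission of sensitive information (JVN#24167657). A monitoring app meant to protect children...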
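- news: The Anthropic "Mythos" Uproar: Is AI Vulnerability Discovery a "Farce" or the Future?
Regarding Anthropic's AI vulnerability-discovery project "Mythos", cURL maintainer Daniel Stenberg: "With one low-severity vulnerability, a big...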