{"id":13538605,"url":"https://github.com/numirias/security","last_synced_at":"2026-02-12T06:32:42.269Z","repository":{"id":47369527,"uuid":"190179901","full_name":"numirias/security","owner":"numirias","description":"Some of my security stuff and vulnerabilities. Nothing advanced. More to come.","archived":false,"fork":false,"pushed_at":"2019-06-11T16:18:13.000Z","size":17,"stargazers_count":868,"open_issues_count":0,"forks_count":159,"subscribers_count":31,"default_branch":"master","last_synced_at":"2025-09-08T00:41:05.531Z","etag":null,"topics":["appsec","pentesting","security"],"latest_commit_sha":null,"homepage":"https://twitter.com/rawsec","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/numirias.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-06-04T10:27:48.000Z","updated_at":"2025-08-24T11:48:53.000Z","dependencies_parsed_at":"2022-08-12T13:22:03.624Z","dependency_job_id":null,"html_url":"https://github.com/numirias/security","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/numirias/security","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/numirias%2Fsecurity","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/numirias%2Fsecurity/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/numirias%2Fsecurity/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/numirias%2Fsecurity/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/numirias","download_url":"https://codeload.github.com/numirias/security/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/numirias%2Fsecurity/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29360644,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-12T01:03:07.613Z","status":"online","status_checked_at":"2026-02-12T02:00:06.911Z","response_time":55,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["appsec","pentesting","security"],"created_at":"2024-08-01T09:01:14.007Z","updated_at":"2026-02-12T06:32:42.247Z","avatar_url":"https://github.com/numirias.png","language":null,"readme":"# security\n\nThis repository will contain security-related stuff I'm doing. (Also, [@rawsec](https://twitter.com/rawsec) on Twitter)\n\nRecent:\n\n- 2019-06-04 [Vim/Neovim Arbitrary Code Execution via Modelines](doc/2019-06-04_ace-vim-neovim.md) (CVE-2019-12735)\n\nMore to come...\n\n---\n\n\n\nCTF write-ups:\n\n\n\n- [Google CTF 2017 | Geokitties v2](https://github.com/numirias/ctf/blob/master/writeup-google-ctf-2017-geokitties-v2.md)\n\n\n\n- [*Many more...*](https://security.meta.stackexchange.com/search?tab=votes\u0026q=user%3a95381%20is%3aanswer%20%5bwrite-up%5d)\n\n\n[My answers](https://security.stackexchange.com/users/95381/arminius?tab=answers)  on Security.SE (many trivial, but also a few interestinig ones).\n\nSome older bugs:\n\n- 2017-01-25 [Google Chrome: Address spoofing in Omnibox](https://bugs.chromium.org/p/chromium/issues/detail?id=673971\n) (CVE-2017-5015)\n\n- 2017-01-24 [Mozilla Firefox: Location bar spoofing with unicode characters](https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5383) (CVE-2017-5383)\n\n- 2016-06-07 [Mozilla Firefox: Partial SOP violation via forged location.host](https://www.mozilla.org/en-US/security/advisories/mfsa2016-54/) (CVE-2016-2825)\n\n- 2015-05-19 [Google Chrome: Cross-origin bypass in Editing](https://bugs.chromium.org/p/chromium/issues/detail?id=444927) (CVE-2015-1254)\n\n- 2015-04-03 [Mozilla Firefox: Privileged URLs processed by about:reader](https://www.mozilla.org/en-US/security/advisories/mfsa2015-43/) (CVE-2015-0798)\n\n- 2015-03-31 [Mozilla Firefox: Addon permissions exposed to man-in-the-middle attacks](https://www.mozilla.org/en-US/security/advisories/mfsa2015-32/) (CVE-2015-0812)\n\n- 2015-02-24 [Mozilla Firefox: Local files or privileged URLs in pages can be opened into new tabs](https://www.mozilla.org/en-US/security/advisories/mfsa2015-25/) (CVE-2015-0821)\n\n- 2015-02-24 [Mozilla Firefox: Arbitrary File Read Vulnerability via Form Autocomplete](https://www.mozilla.org/en-US/security/advisories/mfsa2015-24/) (CVE-2015-0822)\n","funding_links":[],"categories":["\u003ca id=\"683b645c2162a1fce5f24ac2abfa1973\"\u003e\u003c/a\u003e漏洞\u0026\u0026漏洞管理\u0026\u0026漏洞发现/挖掘\u0026\u0026漏洞开发\u0026\u0026漏洞利用\u0026\u0026Fuzzing","Others (28)","Others"],"sub_categories":["\u003ca id=\"9d1ce4a40c660c0ce15aec6daf7f56dd\"\u003e\u003c/a\u003e未分类-Vul"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnumirias%2Fsecurity","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnumirias%2Fsecurity","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnumirias%2Fsecurity/lists"}