Finding an SOQL Injection 0-Day in Salesforce | Tobia Righi - Security Researcher
How an un-exploitable SOQL injection turned into a 0-day in Salesforce itself affecting millions of user records| Tobia Righi
How an un-exploitable SOQL injection turned into a 0-day in Salesforce itself affecting millions of user records| Tobia Righi
The purpose of this article is to show how to get RCE when a crafted malicious Tensorflow model is loaded. Remember all of this is for educational purposes only! Don’t be mean! Tensorflow Models are Programs This article is in no way reporting a vulnerability in the Tensorflow python module. As it can be read in the SECURITY section of the project, Tensorflow models should be treated as programs and thus from a security you should not load (run) untrusted models in your application.| Tobia Righi
