Advisories archive


Warning: Invalid argument supplied for foreach() in /home/customer/www/ssd-disclosure.com/public_html/wp-content/plugins/post-grid/includes/post-grid-layout-elements.php on line 2921
SSD Advisory – MTS HW Driver Escalation of Privileges
A vulnerability in Marvin Test's driver allows local users to use it to write arbitrary data to sensitive areas of
SSD Advisory – Linux CLOCK_THREAD_CPUTIME_ID LPE
A vulnerability in the way Linux handles the CLOCK_THREAD_CPUTIME_ID allows local attackers to reach a race condition and use this
SSD Advisory – Linux CONFIG_WATCH_QUEUE LPE
A vulnerability in the way Linux handles the CONFIG_WATCH_QUEUE allows local attackers to reach a race condition and use this
SSD Advisory – VhdmpiValidateVirtualDiskSurface LPE
A use after free vulnerability has been found in Windows VhdmpiValidateVirtualDiskSurface function. This vulnerability can be used to overwrite critical
SSD Advisory – Apple Safari ICU Out-Of-Bounds Write
An Out-Of-Bounds Write vulnerability exists in Apple Safari ICU components libicucore.A.dylib [icu::FormattedStringBuilder::insert]. This library is called when Safari handles the
SSD Advisory – Apple Safari IDN URL Spoofing
Bad handling by Apple Safari allows attackers to use certain look-alike characters instead of the real ones to confuse victims
SSD Advisory – Microsoft SharePoint Server WizardConnectToDataStep4 Deserialization Of Untrusted Data RCE
A vulnerability in SharePoint Server allows authenticated attackers that are able to create a Site on the server to cause
SSD Advisory – Froxlor Server Management Panel File Upload Filter Bypass and RCE
A vulnerability in Froxlor allows remote attackers to bypass restrictions and execute arbitrary commands as root. Authentication as a customer
SSD Advisory – VestaCP Multiple Vulnerabilities
Find out how multiple vulnerabilities in VestaCP allow remote attackers to take over the product.
SSD Advisory – Exchange Server GetWacInfo Information Disclosure Vulnerability
Find out how a flaw in Microsoft Exchange Server allows remote attackers to disclose sensitive information from the Exchange server.