Advisories archive

SSD Advisory – iOS Jailbreak via Sandbox Escape and Kernel R/W leading to RCE
Introduction:Each year, as part of TyphoonCon; our All Offensive Security Conference, we are offering cash prizes for vulnerabilities and exploitation
SSD Advisory – phpBB CSRF Token Hijacking leading to Stored XSS
Vulnerability SummaryWhen an admin accesses the Administrator Control Panel (ACP) in phpBB, a leftover session id GET parameter is present
SSD Advisory – Fortigate DHCP Stored XSS
Vulnerability SummaryThe following advisory describes a Stored XSS Vulnerability found in Fortinet's Fortigate Firewall(FortiOS) via an unauthenticated DHCP packet.CVECVE-2019-6697CreditAn independent
SSD Advisory – OpenSSH Pre-Auth XMSS Integer Overflow
Vulnerability SummaryThe following advisory describes a Pre-Auth Integer Overflow in the XMSS Key Parsing Algorithm in OpenSSH.CVECVE-2019-16905CreditAn independent Security Researcher,
TyphoonCon Challenge 2019
During TyphoonCon 2019 we held an open contest which involved a specially crafted binary program we provided. The goal of
SSD Advisory – Firefox Sandbox Infoleak From Uninitialized Handle In CrossCall
Vulnerability summary The crosscall FilesystemDispatcher::NtOpenFile can leak an uninitialized handle value to a renderer due to an incorrect return value
SSD Advisory – Adobe Acrobat Reader DC Use After Free
Vulnerability SummaryA use-after-free vulnerability exists in Adobe Acrobat Reader DC, which allows attackers execute arbitrary code with the privileges of
SSD Advisory – GetSimple CMS Unauthenticated Remote Code Execution
Vulnerabilities SummaryThe following advisory describes a vulnerability in GetSimple CMS which allows unauthenticated attackers to perform Remote Code Execution.CVECVE-2019-11231CreditAn independent
SSD Advisory – Vesta CP Remote Command Execution To Privilege Escalation
Vulnerabilities SummaryThe following advisory describes a vulnerability in Vesta control panel (VestaCP), an open source hosting control panel, which can
SSD Advisory – iOS powerd Uninitialized Mach Message Reply to Sandbox Escape and Privilege Escalation
(This advisory follows up on a vulnerability provided in Hack2Win Extreme competition, that won the iOS Privilege Escalation category in