advisories - Page 3 of 29 - SSD Secure Disclosure

SSD Advisory – Exchange Server GetWacInfo Information Disclosure Vulnerability

Find out how a vulnerability in multiple Uniview devices allow remote unauthenticated attackers to trigger a remote code execution vulnerability in the products the company offers.

SSD Advisory – NETGEAR DGND3700v2 PreAuth Root Access

Find out how a vulnerability in multiple Uniview devices allow remote unauthenticated attackers to trigger a remote code execution vulnerability in the products the company offers.

SSD Advisory – Uniview PreAuth RCE

Find out how a vulnerability in multiple Uniview devices allow remote unauthenticated attackers to trigger a remote code execution vulnerability in the products the company offers.

SSD Advisory – Rocket.Chat Client-side Remote Code Execution

Find out how the Chrome Ad-Heavy detection mechanism can be bypassed, bypassing the mechanism would allow ads that are breaching the restrictions imposed by Chrome to still run.

SSD Advisory – TOTOLink Auth Bypass and Device Backdoor

Find out how the Chrome Ad-Heavy detection mechanism can be bypassed, bypassing the mechanism would allow ads that are breaching the restrictions imposed by Chrome to still run.

SSD Advisory – Chrome Ad Heavy Bypass (via history.back())

Find out how the Chrome Ad-Heavy detection mechanism can be bypassed, bypassing the mechanism would allow ads that are breaching the restrictions imposed by Chrome to still run.

SSD Advisory – Chrome Ad Heavy Bypass (via SharedWorker)

Find out how the Chrome Ad-Heavy detection mechanism can be bypassed, bypassing the mechanism would allow ads that are breaching the restrictions imposed by Chrome to still run.

SSD Advisory – macOS Finder RCE

Find out how a vulnerability in macOS Finder system allows remote attackers to trick users into running arbitrary commands.

SSD Advisory – NETGEAR D7000 Authentication Bypass

Find out how a vulnerability in NETGEAR D7000 device allows remote unauthenticated users to reveal the ‘admin’ password used to login to the admin web interface of the product. NOTE: The vendor states that multiple other devices are also vulnerable.

SSD Advisory – Samsung S10+/S9 kernel 4.14 (Android 10) Kernel Function Address (.text) and Heap Address Information Leak

Find out how a vulnerability discovered in Samsung S10+/S9 kernel allows leaking of sensitive function address information.

SSD Advisory – IP-Board Stored XSS to RCE Chain

Find out how an XSS in IP-Board can be leveraged into an remote code execution.

SSD Advisory – aaPanel CSWH to RCE

Find out how a CSWH hijacking vulnerability in aaPanel allows remote attackers to cause an authenticated user to execute arbitrary commands inside aaPanel’s managed servers.

Advisories
archive

SSD Advisory – Exchange Server GetWacInfo Information Disclosure Vulnerability

SSD Advisory – NETGEAR DGND3700v2 PreAuth Root Access

SSD Advisory – Uniview PreAuth RCE

SSD Advisory – Rocket.Chat Client-side Remote Code Execution

SSD Advisory – TOTOLink Auth Bypass and Device Backdoor

SSD Advisory – Chrome Ad Heavy Bypass (via history.back())

SSD Advisory – Chrome Ad Heavy Bypass (via SharedWorker)

SSD Advisory – macOS Finder RCE

SSD Advisory – NETGEAR D7000 Authentication Bypass

SSD Advisory – Samsung S10+/S9 kernel 4.14 (Android 10) Kernel Function Address (.text) and Heap Address Information Leak

SSD Advisory – IP-Board Stored XSS to RCE Chain

SSD Advisory – aaPanel CSWH to RCE

Get in touch

?

?

Get in touch

Advisories archive

Get in touch

?

Get in touch

Advisories
archive