SSD Advisory – Linux CLOCK_THREAD_CPUTIME_ID LPE
A vulnerability in the way Linux handles the CLOCK_THREAD_CPUTIME_ID allows local attackers to reach a race condition and use this to elevate their privileges to root.
Use After Free
SSD Advisory – Linux CONFIG_WATCH_QUEUE LPE
A vulnerability in the way Linux handles the CONFIG_WATCH_QUEUE allows local attackers to reach a race condition and use this to elevate their privileges to root.
SSD Advisory – VhdmpiValidateVirtualDiskSurface LPE
Bad handling by Apple Safari allows attackers to use certain look-alike characters instead of the real ones allow attackers to confuse victims into thinking they are reach a certain site, while they are accessing another one.
SSD Advisory – NETGEAR DGND3700v2 PreAuth Root Access
Find out how a vulnerability in multiple Uniview devices allow remote unauthenticated attackers to trigger a remote code execution vulnerability in the products the company offers.
SSD Advisory – Chrome Ad Heavy Bypass (via history.back())
Find out how the Chrome Ad-Heavy detection mechanism can be bypassed, bypassing the mechanism would allow ads that are breaching the restrictions imposed by Chrome to still run.
SSD Advisory – Samsung S10+/S9 kernel 4.14 (Android 10) Kernel Function Address (.text) and Heap Address Information Leak
Find out how a vulnerability discovered in Samsung S10+/S9 kernel allows leaking of sensitive function address information.
SSD Advisory – IP-Board Stored XSS to RCE Chain
Find out how an XSS in IP-Board can be leveraged into an remote code execution.
SSD Advisory – DD-WRT UPNP Buffer Overflow
TL;DR Find out how a vulnerability in DD-WRT allows an unauthenticated attacker to overflow an internal buffer used by UPNP and trigger a code execution vulnerability. Vulnerability Summary DD-WRT is “is Linux-based firmware for wireless routers and access points. Originally designed for the Linksys WRT54G series, it now runs on a wide variety of models”. …
SSD Advisory – VestaCP LPE Vulnerabilities
TL;DR Find out how multiple vulnerabilities in VestaCP allow an authenticated attacker to elevate his access to root privileges. Vulnerability Summary VestaCP is “an open source hosting control panel, a clean and focused interface without the clutter, and has the latest of very innovative technologies”. Two security vulnerabilities in VestaCP allow attackers that have access …
SSD Advisory – GNU GRUB Command Injection
TL;DR Find out how a vulnerability in GNU GRUB allows users on a Linux system to inject commands into the process of grub-mkconfig which allows them to execute arbitrary commands with elevated privileges. Vulnerability Summary GRUB ships with a script that allows generating /boot/grub/grub.cfg based on the operating systems installed on all the devices attached …
SSD Advisory – Auth Bypass and RCE in Infinite WP Admin Panel
TL;DR Find out how a vulnerability in Infinite WP’s password reset mechanism allows an unauthenticated user to become authenticated and then carry out a Remote Code Execution. Vulnerability Summary InfiniteWP is “free self hosted, multiple WordPress site management solution. It simplifies your WordPress tasks with a click of a button”. A vulnerability in InfiniteWP allows …
SSD Advisory – Auth Bypass and RCE in Infinite WP Admin Panel Read More »
SSD Advisory – Windows Installer Elevation of Privileges Vulnerability
TL;DR Vulnerability in Windows Installer allows local users to gain elevated SYSTEM privileges in Windows. Vulnerability Summary Windows Installer is a software component and application programming interface of Microsoft Windows used for the installation, maintenance, and removal of software. Windows Installer suffers from a local privilege escalation allowing a local user to gain SYSTEM on …
SSD Advisory – Windows Installer Elevation of Privileges Vulnerability Read More »
