privilege escalation

Pierluigi Paganini July 30, 2021
CVE-2021-3490 – Pwning Linux kernel eBPF on Ubuntu machines

Researcher published an exploit code for a high-severity privilege escalation flaw (CVE-2021-3490) in Linux kernel eBPF on Ubuntu machines. The security researcher Manfred Paul of the RedRocket CTF team released the exploit code for a high-severity privilege escalation bug, tracked as CVE-2021-3490, in Linux kernel eBPF (Extended Berkeley Packet Filter). A local attacker could exploit the flaw to […]

Pierluigi Paganini July 09, 2021
Cisco fixes High Severity issue in BPA and WSA

Cisco addresses high severity privilege escalation vulnerabilities in Business Process Automation (BPA) and Web Security Appliance (WSA) that expose users to privilege escalation attacks. Cisco released security patches for high severity vulnerabilities in Business Process Automation (BPA) and Web Security Appliance (WSA) that expose users to privilege escalation attacks. The IT giant fixed two flaws […]

Pierluigi Paganini June 04, 2021
Trend Micro details CVE-2021-30724 privilege escalation flaw in macOS, iOS

Trend Micro disclosed technical details of a patched privilege escalation issue, tracked as CVE-2021-30724, that impacts macOS, iOS and iPadOS. Trend Micro researchers disclosed technical details of a patched privilege escalation vulnerability, tracked as CVE-2021-30724, that impacts macOS, iOS, and iPadOS. The flaw was reported to Apple by Trend Micro researcher Mickey Jin, and the […]

Pierluigi Paganini May 04, 2021
Hundreds of millions Of Dell PCs affected by CVE-2021-21551 flaws

American multinational computer technology giant Dell addresses a 12-year-old driver flaw, tracked as CVE-2021-21551, impacting millions of computers. Hundreds of millions of Dell computers worldwide are affected by a 12-year-old vulnerability, tracked as CVE-2021-21551, that affects Dell DBUtil driver. The flaw affects version 2.3 of the Dell BIOS driver, it is one of a series of […]

Pierluigi Paganini April 13, 2021
Adobe addresses two critical vulnerabilities in Photoshop

Adobe has addressed security vulnerabilities in Adobe Photoshop, Adobe Digital Editions, Adobe Bridge, and RoboHelp. Adobe has fixed ten security vulnerabilities in Adobe Photoshop, Adobe Digital Editions, Adobe Bridge, and RoboHelp. Seven vulnerabilities have been rated as critical, some of them could be exploited by remote attackers to execute arbitrary code. Adobe has released two […]

Pierluigi Paganini April 06, 2021
Experts discovered a privilege escalation issue in popular Umbraco CMS

Experts discovered a vulnerability in the popular CMS Umbraco that could allow low privileged users to escalate privileges to “admin.” Security experts from Trustwave have discovered a privilege escalation vulnerability in the popular website CMS, Umbraco. The vulnerability affects an API endpoint that fails to properly check the user’s authorization prior to returning results found to […]

Pierluigi Paganini March 05, 2021
Five privilege escalation flaws fixed in Linux Kernel

Experts found five vulnerabilities in the Linux kernel, tracked as CVE-2021-26708, that could lead to local privilege escalation. Positive Technologies researcher Alexander Popov found five high severity vulnerabilities in the Linux kernel that could lead to local privilege escalation. The Linux kernel vulnerabilities are race conditions that reside in AF_VSOCK implementation, they were implicitly introduced in November […]

Pierluigi Paganini January 27, 2021
Heap-based buffer overflow in Linux Sudo allows local users to gain root privileges

CVE-2021-3156 Sudo vulnerability has allowed any local user to gain root privileges on Unix-like operating systems without authentication. Sudo is one of the most important, powerful, and commonly used utilities that comes as a core command pre-installed on macOS and almost every UNIX or Linux-based operating system. sudo is a program for Unix-like computer operating systems that allows […]

Pierluigi Paganini January 08, 2021
Nvidia releases security updates for GPU display driver and vGPU flaws

Nvidia has released security updates to address high-severity vulnerabilities affecting the Nvidia GPU display driver and vGPU software.  Nvidia has addressed a total of 16 flaws, including high-severity vulnerabilities affecting the Nvidia GPU display driver and vGPU software.   The addressed flaws may lead to denial of service, escalation of privileges, data tampering, or information disclosure. […]

Pierluigi Paganini November 10, 2020
Flaws in WordPress Ultimate Member plugin expose 25K sites to hack

Multiple critical vulnerabilities affecting the Ultimate Member plugin could be easily exploited to potentially takeover up to 25K websites. Multiple critical vulnerabilities in the Ultimate Member plugin could be easily exploited to take over websites, the issue potentially impact up to 100K installs. The Ultimate Member WordPress plugin allows admins to easily manage membership to […]