Tag: vulnerability

All the articles with the tag "vulnerability".

• PDF + JavaScript = MFT Corruption?

  25 Jan, 2021

  By embedding specially crafted JS into a PDF, we can trigger a recently discovered vulnerability in the NTFS driver and potentially corrupt the MFT.

• CVE-2020-27985 - Security Onion - Local Privilege Escalation

  20 Nov, 2020

  Security Onion V2 prior to v2.3.10 ships with a sudo misconfiguration that lets local users get root by editing so-setup, no password needed.

• CVE-2020-13448 - QuickBox - Authenticated RCE/Privilege Escalation

  29 May, 2020

  QuickBox CE <= v2.5.5 and QuickBox Pro <= 2.1.8 are both affected by an authenticated remote code execution (RCE) and privilege escalation vulnerability. A low-privileged user can execute arbitary commands on the server with the privileges of the user running the web server...