Easy way to privilege escalation in any Linux via pkexec 🔥🔥🔥
CVE-2021-4034: pwnkit: Local Privilege Escalation in polkit’s pkexec for almost any Linux system. Vulnerability == Bug. The first bug commit appeared in May 2009. Qualys researchers reported this vulnerability exploitation […]
Non-hype vulnerabilities and news in Vulners monthly review
Microsoft in our weekly digests of this month. Traditionally, it was collected underestimated and unmentioned vulnerabilities with the news of the past month. There will be vulnerabilities in Kindle and […]
RCE with exploit in Confluence Server and Confluence Data Center (CVE-2021-26084)
On August 25, Atlassian reported a critical Remote Code Execution vulnerability in Confluence Server and Confluence Data Center. The vulnerability allows an authenticated user, and in some cases an unauthenticated […]
Ripple20 zero-day vulnerabilities in IOT devices
The U.S. Department of Homeland Security and CISA ICS-CERT have published security notices about recently discovered vulnerabilities, collectively referred to as Ripple20. Ripple20 includes 19 vulnerabilities affecting billions of Internet-connected […]
Vulners weekly digest #6
This review is more about exploiting vulnerabilities in attacks on various areas. We also gave examples of why security updates should not be ignored. The most interesting vulnerabilities If you […]
Vulners weekly digest #4
Your Exchange server stills sweety and other vulnerabilities.
Serious boost for pentest frameworks.
ZOOM continues to smoke and we continue write about it in our digest.
Vulners weekly digest #2
Weekly overview of new vulnerabilities, exploits, tools and other news from the world of information security