Secure Planet Training Courses Updated For 2019 - Click Here

There are new available articles, click to refresh the page.

Before yesterdayYour RSS feeds

/r/netsec - Information Security News & Discussion
Linux kernel double-free to LPE
July 8^th 2025 at 12:11

Linux kernel double-free to LPE

By: ／u／SSDisclosure

A critical double-free vulnerability has been discovered in the pipapo set module of the Linux kernel’s NFT subsystem. An unprivileged attacker can exploit this vulnerability by sending a specially crafted netlink message, triggering a double-free error with high stability. This can then be leveraged to achieve local privilege escalationץ

submitted by /u/SSDisclosure
[link] [comments]

🏷️ My labels
- ❌
Article tags
- ❌
- r/netsec
July 8^th 2025 at 12:11

/r/netsec - Information Security News & Discussion
New ISPConfig Authenticated Remote Code Execution Vulnerability
June 10^th 2025 at 10:58

New ISPConfig Authenticated Remote Code Execution Vulnerability

By: ／u／SSDisclosure

ISPConfig contains design flaws in the user creation and editing functionality, which allow a client user to escalate their privileges to superadmin. Additionally, the language modification feature enables arbitrary PHP code injection due to improper input validation.

submitted by /u/SSDisclosure
[link] [comments]

🏷️ My labels
- ❌
Article tags
- ❌
- r/netsec
June 10^th 2025 at 10:58

/r/netsec - Information Security News & Discussion
New Vulnerabilities in Foscam X5
May 20^th 2025 at 11:59

New Vulnerabilities in Foscam X5

By: ／u／SSDisclosure

Multiple vulnerabilities were discovered in Foscam X5. These vulnerabilities allow a remote attacker to trigger code execution vulnerabilities in the product.

submitted by /u/SSDisclosure
[link] [comments]

🏷️ My labels
- ❌
Article tags
- ❌
- r/netsec
May 20^th 2025 at 11:59

New writeup: a vulnerability in PHP's extract() function allows attackers to trigger a double-free, which in turn allows arbitrary code execution (native code)

By: ／u／SSDisclosure

submitted by /u/SSDisclosure
[link] [comments]

🏷️ My labels
- ❌
Article tags
- ❌
- r/netsec
April 17^th 2025 at 07:17

How a critical RCE vulnerability in Calix's CWMP service allows attackers to execute system commands as root due to improper input sanitization, leading to full system compromise.

By: ／u／SSDisclosure

submitted by /u/SSDisclosure
[link] [comments]

🏷️ My labels
- ❌
Article tags
- ❌
- r/netsec
April 10^th 2025 at 13:39

Learn how an out-of-bounds write vulnerability in the Linux kernel can be exploited to achieve an LPE (CVE-2025-0927)

By: ／u／SSDisclosure

submitted by /u/SSDisclosure
[link] [comments]

🏷️ My labels
- ❌
Article tags
- ❌
- r/netsec
March 18^th 2025 at 12:35

An independent security researcher collaborating with SSD Secure Disclosure has identified a critical RCE vulnerability in Palo Alto Expedition.

By: ／u／SSDisclosure

submitted by /u/SSDisclosure
[link] [comments]

🏷️ My labels
- ❌
Article tags
- ❌
- r/netsec
January 15^th 2025 at 11:20

/r/netsec - Information Security News & Discussion
New Windows Privilege Escalation Vulnerability!
December 19^th 2024 at 16:32

New Windows Privilege Escalation Vulnerability!

By: ／u／SSDisclosure

submitted by /u/SSDisclosure
[link] [comments]

🏷️ My labels
- ❌
Article tags
- ❌
- r/netsec
December 19^th 2024 at 16:32

/r/netsec - Information Security News & Discussion
A vulnerability in the Common Log File System (CLFS) driver allows a local user to gain elevated privileges on Windows 11
October 25^th 2024 at 09:23

A vulnerability in the Common Log File System (CLFS) driver allows a local user to gain elevated privileges on Windows 11

By: ／u／SSDisclosure

submitted by /u/SSDisclosure
[link] [comments]

🏷️ My labels
- ❌
Article tags
- ❌
- r/netsec
October 25^th 2024 at 09:23

/r/netsec - Information Security News & Discussion
A vulnerability in the Nortek Linear eMerge E3 allows remote unauthenticated attackers to cause the device to execute arbitrary commands
September 25^th 2024 at 12:02

A vulnerability in the Nortek Linear eMerge E3 allows remote unauthenticated attackers to cause the device to execute arbitrary commands

By: ／u／SSDisclosure

submitted by /u/SSDisclosure
[link] [comments]

🏷️ My labels
- ❌
Article tags
- ❌
- r/netsec
September 25^th 2024 at 12:02

A vulnerability in LANCOM LCOS web interface (usually listening on port 443) allows a remote attacker to trigger a heap overflow in the service listening on this port

By: ／u／SSDisclosure

submitted by /u/SSDisclosure
[link] [comments]

🏷️ My labels
- ❌
Article tags
- ❌
- r/netsec
September 17^th 2024 at 09:43

/r/netsec - Information Security News & Discussion
How a vulnerability in WifiKey's AC Gateway allows remote attackers to trigger a pre-auth RCE
January 22^nd 2024 at 16:54

How a vulnerability in WifiKey's AC Gateway allows remote attackers to trigger a pre-auth RCE

By: ／u／SSDisclosure

submitted by /u/SSDisclosure
[link] [comments]

🏷️ My labels
- ❌
Article tags
- ❌
- r/netsec
January 22^nd 2024 at 16:54

/r/netsec - Information Security News & Discussion
New advisory: File History Service (fhsvc.dll) Elevation of Privilege - SSD Secure Disclosure
September 3^rd 2023 at 14:19

New advisory: File History Service (fhsvc.dll) Elevation of Privilege - SSD Secure Disclosure

By: ／u／SSDisclosure

submitted by /u/SSDisclosure
[link] [comments]

🏷️ My labels
- ❌
Article tags
- ❌
- r/netsec
September 3^rd 2023 at 14:19