| Post-Exploitation: Abusing the KeePass Plugin Cache |
|
|
|
| Breaking Docker Named Pipes SYSTEMatically: Docker Desktop Privilege Escalation – Part 1 |
|
|
|
| Activation Context Cache Poisoning: Exploiting CSRSS For Privilege Escalation |
|
|
|
| CVE-2023-24068 && CVE-2023-24069: Abusing Signal Desktop Client for fun and for Espionage |
|
|
|
| Nothing new under the Sun – Discovering and exploiting a CDE bug chain |
|
|
|
| Sudoedit bypass in Sudo <= 1.9.12p1 (CVE-2023-22809) |
|
|
|
| Bad things come in large packages: .pkg signature verification bypass on macOS |
|
|
|
| DER Entitlements: The (Brief) Return of the Psychic Paper |
|
|
|
| Google Chrome “SymStealer” Vulnerability: How to Protect Your Files from Being Stolen |
|
|
|
| SSD Advisory – MacOS Mozilla Firefox Download Protections Were Bypassed By .atloc / .ftploc Files |
|
|
|
| Lexmark MC3224adwe RCE exploit |
|
|
|
| A Technical Analysis of CVE-2022-22583 and CVE-2022-32800 |
|
|
|
| Diving into an Old Exploit Chain and Discovering 3 new SIP-Bypass Vulnerabilities |
|
|
|
| Gatekeeper’s Achilles heel: Unearthing a macOS vulnerability |
|
|
|
| CVE-2019–6238: Apple XAR directory traversal vulnerability |
|
|
|
| Public Report – VPN by Google One Security Assessment |
|
|
|
| SysmonEoP |
|
|
|
| CertPotato – Using ADCS to privesc from virtual and network service accounts to local system |
|
|
|
| Multiple Vulnerabilities in Proxmox VE & Proxmox Mail Gateway |
|
|
|
| Brocade Fabric OS ≤ v8.0.2c rbash escape to read system files |
|
|
|
| discord.exe – Improper Input Validation |
|
|
|
| macOS Sandbox Escape vulnerability via Terminal |
|
|
|
| CVE-2022-32929 - Bypass iOS backup's TCC protection |
|
|
|
| CVE-2019-8561: A Hard-to-Banish PackageKit Framework Vulnerability in macOS |
|
|
|
| Windows Kernel: Exploit CVE-2022-35803 in Common Log File System |
|
|
|
writeups.xyz
/
Local Privilege Escalation