The Danger of Falling to System Role in AWS SDK Client
Code flaws leads to Org/Admin Account Takeover
Broken Access Control leads to full team takeover and privilege escalation
Cold Hard Cache — Bypassing RPC Interface Security with Cache Abuse
SSD Advisory – pfSense Post Auth RCE
Discovering The Less-known Vulnerability In Oracle Peoplesoft
Privilege Escalation Leads to making authenticated actions (payment processing, creating invoices.. etc)
Google & Apache Found Vulnerable to GitHub Environment Injection
The cloud has an isolation problem: PostgreSQL vulnerabilities affect multiple cloud vendors
Hijacking email with Cloudflare Email Routing
Multiple bugs in one program leads to 1500€
Ability to login as google staff in Google Cloud Community
CVE-2022-32223 Discovery: DLL Hijacking via npm CLI
Microsoft Azure Site Recovery DLL Hijacking
Exploiting Authentication in AWS IAM Authenticator for Kubernetes
Interesting Privilege Escalation In an Old Private Program
We Hacked Larksuite For 1 month and Here is what we found
Vertical Privilege Escalation: The user can takeover an admin account via response manipulation
Hacking into the worldwide Jacuzzi SmartTub network
Chaining MFA-Enabled IAM Users with IAM Roles for Potential Privilege Escalation in AWS
Privilege Escalation in AKS Clusters
Microsoft Azure Synapse Pwnalytics
I Obtained ADMIN access via the Account Activation link [In 30 seconds]
Kubernetes Privilege Escalation: Excessive Permissions in Popular Platforms
Vulnerable GitHub Actions Workflows Part 2: Actions That Open the Door to CI/CD Pipeline Attacks