Hacker News
- CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog() https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt 18 comments
- Looney Tunables – Local privilege escalation in glibc’s ld.so https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt 4 comments
- Local privilege escalation in glibc’s ld.so https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt 6 comments
- Pwnkit: Local Privilege Escalation in polkit's pkexec https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt 41 comments
- Pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt 3 comments
- Sequoia: A deep root in Linux's filesystem layer (CVE-2021-33909) https://www.qualys.com/2021/07/20/cve-2021-33909/sequoia-local-privilege-escalation-linux.txt 2 comments
- Heap-based buffer overflow in Sudo https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt 317 comments
- 15 years later: remote code execution in qmail https://www.qualys.com/2020/05/19/cve-2005-1513/remote-code-execution-qmail.txt 159 comments
- Linux PIE/stack corruption https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt 10 comments
- The Stack Clash https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt 69 comments
- Roaming through the OpenSSH client: CVE-2016-0777 and 0778 https://www.qualys.com/2016/01/14/cve-2016-0777-cve-2016-0778/openssh-cve-2016-0777-cve-2016-0778.txt 8 comments
Lobsters
- Looney Tunables: Local Privilege Escalation in the glibc's ld.so (CVE-2023-4911) https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt 9 comments linux, security
- CVE-2023-38408: Remote Code Execution in OpenSSH's forwarded ssh-agent https://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt 4 comments security
- 21Nails: Multiple vulnerabilities in Exim https://www.qualys.com/2021/05/04/21nails/21nails.txt 2 comments security
- System Down: A systemd-journald exploit https://www.qualys.com/2019/01/09/system-down/system-down.txt 3 comments linux, security, systemd
- The Stack Clash https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt 25 comments security, unix
- CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog() https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt 3 comments netsec
- CVE-2023-38408 is a good example of why bloated installation could be harmful for security https://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt 20 comments debian
- CVE-2023-38408: Remote Code Execution in OpenSSH's forwarded ssh-agent https://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt 2 comments netsec
- Oh Snap! More Lemmings (Local Privilege Escalation in snap-confine) https://www.qualys.com/2022/02/17/cve-2021-44731/oh-snap-more-lemmings.txt 2 comments netsec
- pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt 52 comments sysadmin
- pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt 24 comments linux
- Server hosted vulnerability scanner https://www.qualys.com/ 14 comments selfhosted
- 21Nails: Multiple Critical Vulnerabilities in Exim Mail Server https://www.qualys.com/2021/05/04/21nails/21nails.txt 13 comments netsec
- Heap-based buffer overflow in Sudo (CVE-2021-3156) - obtained full root privileges on Ubuntu 20.04 (Sudo 1.8.31), Debian 10 (Sudo 1.8.27), and Fedora 33 (Sudo 1.9.2) https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt 77 comments netsec
- Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156) https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt 57 comments linux
- 15 years later, bugs were never fixed: Remote Code Execution in qmail (CVE-2005-1513) https://www.qualys.com/2020/05/19/cve-2005-1513/remote-code-execution-qmail.txt 22 comments netsec
- RedHat Kernel Zero-Day : CVE-2018-14634 https://www.qualys.com/2018/09/25/cve-2018-14634/mutagen-astronomy-integer-overflow-linux-create_elf_tables-cve-2018-14634.txt 3 comments sysadmin
- Mitigating CVE-2017-1000364 ("Stack Clash") by adjusting the stack guard-page/heap stack gap? https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt 3 comments linuxadmin
- The Stack Clash https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt 25 comments netsec
- Latest OpenSSH exploits explained https://www.qualys.com/2016/01/14/cve-2016-0777-cve-2016-0778/openssh-cve-2016-0777-cve-2016-0778.txt 3 comments programming
- Is OpenWrt affected by the two new OpenSSH vulnerabilities? CVE-2016-0777 and CVE-2016-0778 https://www.qualys.com/2016/01/14/cve-2016-0777-cve-2016-0778/openssh-cve-2016-0777-cve-2016-0778.txt 7 comments openwrt
- OpenSMTPD Audit Report https://www.qualys.com/2015/10/02/opensmtpd-audit-report.txt 45 comments netsec