NCC Group Research Blog
Technical Advisory – New York State Excelsior Pass Vaccine Passport Credential Forgery
5 months 3 weeks ago
Technical Advisory – Multiple Vulnerabilities in Connectize G6 AC2100 Dual Band Gigabit WiFi Router (CVE-2023-24046, CVE-2023-24047, CVE-2023-24048, CVE-2023-24049, CVE-2023-24050, CVE-2023-24051, CVE-2023-24052)
5 months 3 weeks ago
Technical Advisory – Multiple vulnerabilities in Nuki smart locks (CVE-2022-32509, CVE-2022-32504, CVE-2022-32502, CVE-2022-32507, CVE-2022-32503, CVE-2022-32510, CVE-2022-32506, CVE-2022-32508, CVE-2022-32505)
5 months 3 weeks ago
Technical Advisory – macOS Installer Local Root Privilege Escalation (CVE-2020-9817)
5 months 3 weeks ago
Technical Advisory – Multiple HTML Injection Vulnerabilities in KaiOS Pre-installed Mobile Applications
5 months 3 weeks ago
Technical Advisory – Linux RDS Protocol Local Privilege Escalation
5 months 3 weeks ago
Technical Advisory – Lenovo ImController Local Privilege Escalation (CVE-2021-3922, CVE-2021-3969)
5 months 3 weeks ago
Technical Advisory – libraptor – XXE in RDF/XML File Interpretation
5 months 3 weeks ago
Technical Advisory – Kwikset/Weiser BLE Proximity Authentication in Kevo Smart Locks Vulnerable to Relay Attacks
5 months 3 weeks ago
Technical Advisory – KwikTag Web Admin Authentication Bypass
5 months 3 weeks ago
Technical Advisory – IBM TAM: Remote Directory Traversal and File Retrieval via web server plug-in
5 months 3 weeks ago
Technical Advisory – IBM WebSphere Commerce: Encrypted URL Parameter Vulnerable to Padding Oracle Attacks
5 months 3 weeks ago
Technical Advisory – Garuda Linux Insecure User Creation (CVE-2021-3784)
5 months 3 weeks ago
Technical Advisory – HTC IQRD Android Permission Leakage
5 months 3 weeks ago
Technical Advisory – FreePBX – Multiple Authenticated SQL Injections in UCP application
5 months 3 weeks ago
Technical Advisory – FUJITSU CentricStor Control Center <= V8.1 – Unauthenticated Command Injection ( CVE-2022-31794 and CVE-2022-31795)
5 months 3 weeks ago
Technical Advisory – DelTek Vision – Arbitrary SQL Execution (SQLi)
5 months 3 weeks ago
Technical Advisory – ExpressLRS vulnerabilities allow for hijack of control link
5 months 3 weeks ago
Technical Advisory – Citrix Access Gateway Command Injection Vulnerability
5 months 3 weeks ago
Checked
6 hours 34 minutes ago