PinnedFlatt Security Inc.CVE-2021–20226 a reference counting bug which leads to local privilege escalation in io_uring.Hello, I’m Shiga( @Ga_ryo_ ), a security engineer at Flatt Security Inc.Jun 21, 2021Jun 21, 2021
Flatt Security Inc.Finding bugs to trigger Unauthenticated Command Injection in a NETGEAR router (PSV-2022–0044)How I found various vulnerabilities and chained some of the vulnerabilities into an unauthenticated command execution in NETGEAR WAC124.Mar 25, 2022Mar 25, 2022
Flatt Security Inc.Finding an unseen SQL Injection by bypassing escape functions in mysqljs/mysqlIt was found that unexpected behaviors in the query’s escape function could cause a SQL injection in mysqljs/mysqlFeb 21, 20223Feb 21, 20223
Flatt Security Inc.CVE-2020–15702 Race Condition vulnerability in handling of PID by apportNote) It’s just an English version of previous post.Jun 21, 2021Jun 21, 2021