PinnedFlatt Security Inc.CVE-2021–20226 a reference counting bug which leads to local privilege escalation in io_uring.Hello, I’m Shiga( @Ga_ryo_ ), a security engineer at Flatt Security Inc.20 min read·Jun 21, 2021----
Flatt Security Inc.Finding bugs to trigger Unauthenticated Command Injection in a NETGEAR router (PSV-2022–0044)How I found various vulnerabilities and chained some of the vulnerabilities into an unauthenticated command execution in NETGEAR WAC124.11 min read·Mar 25, 2022----
Flatt Security Inc.Finding an unseen SQL Injection by bypassing escape functions in mysqljs/mysqlIt was found that unexpected behaviors in the query’s escape function could cause a SQL injection in mysqljs/mysql9 min read·Feb 21, 2022--3--3
Flatt Security Inc.CVE-2020–15702 Race Condition vulnerability in handling of PID by apportNote) It’s just an English version of previous post.12 min read·Jun 21, 2021----