Netcrook
#elevazione privilegi
Old Graphics Plumbing, New Patch Pressure: X.Org and Xwayland Flaws Put Unix-like Desktops on Alert
Nine vulnerabilities in the X.Org X server and Xwayland show how a compatibility layer can still carry meaningful risk for availability and privilege boundaries.
Logged-In, Not Locked Out: Ivanti ITSM Bug Raises the Stakes on Internal Trust
A high-severity flaw in an IT service management platform shows how one authenticated account can become a control problem, not just a login problem.
Plesk patches a privilege-escalation flaw inside APS Catalog
A security update closed a post-authentication weakness in a server-management component that handles packaged apps and sits close to the control plane.
Grafana’s Hidden Weak Link: When Access Control Bugs Become Identity Problems
Multiple Grafana vulnerabilities were patched after security reviewers flagged paths that could let a user climb privilege boundaries or act as someone else inside affected systems.
When a Virtual Machine Helper Becomes the Host’s Weakest Link
A high-severity VMware Fusion flaw for macOS shows how a local race condition in privileged code can turn a routine user session into root-level control of the host.