Day[0]

281 Episodo

1. [bounty] XSS for NFTs, a VMWare Workspace ONE UEM SSRF, and GitLab CI Container Escape

   Publicado: 3/5/2022
2. [binary] Getting into Vulnerability Research and a FUSE use-after-free

   Publicado: 28/4/2022
3. [bounty] A Struts RCE, Broken Java ECDSA (Psychic Signatures) and a Bad Log4Shell Fix

   Publicado: 26/4/2022
4. [binary] Another iOS Bug and Edge Chakra Exploitation

   Publicado: 21/4/2022
5. [bounty] Taking Over an Internal AWS Service and an Interesting XSS Vector

   Publicado: 19/4/2022
6. [binary] A subtle iOS parsing bug and a PHP use-after-free

   Publicado: 14/4/2022
7. [bounty] A Double-Edged SSRF, Pritunl VPN LPE, and a NodeBB Vuln

   Publicado: 12/4/2022
8. [binary] FORCEDENTRY Sandbox Escape and NetFilter Bugs

   Publicado: 7/4/2022
9. [bounty] Spring4Shell, PEAR Bugs, and GitLab Hardcoded Passwords

   Publicado: 5/4/2022
10. [binary] Pwning WD NAS, NetGear Routers, and Overflowing Kernel Pages

    Publicado: 31/3/2022
11. [bounty] GitLab Arbitrary File Read and Bypassing PHP's filter_var

    Publicado: 29/3/2022
12. [binary] Chrome Heap OOB Access and TLStorm

    Publicado: 24/3/2022
13. [bounty] DOMPDF XSS to RCE, Chrome Leaking Envrionment Vars, and cr8escape

    Publicado: 22/3/2022
14. [binary] A Windows UAF, Branch Prediction Bugs, and an io_uring Exploit

    Publicado: 17/3/2022
15. [bounty] Pascom RCE, AutoWarp, and a GKE Container Escape

    Publicado: 15/3/2022
16. [binary] Dirty Pipe and Analyzing Memory Tagging

    Publicado: 10/3/2022
17. [bounty] Facebook Exploits, pfSense RCE, and MySQLjs SQLi

    Publicado: 8/3/2022
18. [binary] ImageGear JPEG Vulns, NetFilter, and a LibCurl Memory Disclosure

    Publicado: 3/3/2022
19. [bounty] DynamicWeb RCE, VMWare Bugs, and Exploiting GitHub Actions

    Publicado: 1/3/2022
20. [binary] Zynq-7000 Secure Boot Bypass and Compiler-Created Bugs

    Publicado: 24/2/2022