Hacker News
- Exploiting a Flaw in Bitmap Handling in Windows User-Mode Printer Drivers https://www.thezdi.com/blog/2023/8/1/exploiting-a-flaw-in-bitmap-handling-in-windows-user-mode-printer-drivers 6 comments
- But You Told Me You Were Safe: Attacking the Mozilla Firefox Renderer (Part 2) https://www.thezdi.com/blog/2022/8/23/but-you-told-me-you-were-safe-attacking-the-mozilla-firefox-renderer-part-2 2 comments
- But You Told Me You Were Safe: Attacking the Mozilla Firefox Renderer (Part 1) https://www.thezdi.com/blog/2022/8/17/but-you-told-me-you-were-safe-attacking-the-mozilla-firefox-renderer-part-1 10 comments
- Microsoft Windows Network File System v4 Remote Code Execution https://www.thezdi.com/blog/2022/7/13/cve-2022-30136-microsoft-windows-network-file-system-v4-remote-code-execution-vulnerability 42 comments
- Exploiting a heap overflow in the FreeBSD wi-fi stack https://www.thezdi.com/blog/2022/6/15/cve-2022-23088-exploiting-a-heap-overflow-in-the-freebsd-wi-fi-stack 27 comments
- CVE-2020-0688: Remote Code Execution on Microsoft Exchange Server https://www.thezdi.com/blog/2020/2/24/cve-2020-0688-remote-code-execution-on-microsoft-exchange-server-through-fixed-cryptographic-keys 20 comments
- RCE Without Native Code: Exploitation of a Write-What-Where in Internet Explorer https://www.thezdi.com/blog/2019/5/21/rce-without-native-code-exploitation-of-a-write-what-where-in-internet-explorer 9 comments
- Pwn2Own Vancouver 2019: Tesla, VMWare, Microsoft, and more https://www.thezdi.com/blog/2019/1/14/pwn2own-vancouver-2019-tesla-vmware-microsoft-and-more 169 comments
- CVE-2022-23088: Exploiting a Heap Overflow in the FreeBSD Wi-Fi Stack https://www.thezdi.com/blog/2022/6/15/cve-2022-23088-exploiting-a-heap-overflow-in-the-freebsd-wi-fi-stack 3 comments netsec
- CVE-2020-8835: Linux Kernel Privilege Escalation via improper EBPF Program Verification https://www.thezdi.com/blog/2020/4/8/cve-2020-8835-linux-kernel-privilege-escalation-via-improper-ebpf-program-verification 3 comments netsec
- Forgot2kEyXCHANGE - CVE-2020-0688: Remote Code Execution on Microsoft Exchange Server Through Fixed Cryptographic Keys https://www.thezdi.com/blog/2020/2/24/cve-2020-0688-remote-code-execution-on-microsoft-exchange-server-through-fixed-cryptographic-keys 3 comments programming
- Forgot2kEyXCHANGE - CVE-2020-0688: Remote Code Execution on Microsoft Exchange Server Through Fixed Cryptographic Keys https://www.thezdi.com/blog/2020/2/24/cve-2020-0688-remote-code-execution-on-microsoft-exchange-server-through-fixed-cryptographic-keys 32 comments netsec
- RCE Without Native Code: Exploitation of a Write-What-Where in Internet Explorer https://www.thezdi.com/blog/2019/5/21/rce-without-native-code-exploitation-of-a-write-what-where-in-internet-explorer 3 comments netsec
- CVE-2019-0604: Details of a Microsoft SharePoint RCE Vulnerability https://www.thezdi.com/blog/2019/3/13/cve-2019-0604-details-of-a-microsoft-sharepoint-rce-vulnerability 10 comments netsec
- Regarding the current and still unpatched elevation of privilege Exchange vulnerability CVE-2018-8581 https://www.thezdi.com/blog/2018/12/19/an-insincere-form-of-flattery-impersonating-users-on-microsoft-exchange 3 comments sysadmin
- Remote Root in DirecTV's Wireless Video Bridge: A Tale of Rage and Despair https://www.thezdi.com/blog/2017/12/13/remote-root-in-directvs-wireless-video-bridge-a-tale-of-rage-and-despair 4 comments linux
- Remote Root in DirecTV's Wireless Video Bridge: A Tale of Rage and Despair https://www.thezdi.com/blog/2017/12/13/remote-root-in-directvs-wireless-video-bridge-a-tale-of-rage-and-despair 6 comments netsec