Hacker News
- CVE-2023-42115 Exim RCE https://www.zerodayinitiative.com/advisories/ZDI-23-1469/ 3 comments
- Linux Kernel Ksmbd Use-After-Free Remote Code Execution Vulnerability https://www.zerodayinitiative.com/advisories/ZDI-22-1690/ 104 comments
- Two Winning Pwn2Own JIT Vulnerabilities in Mozilla Firefox https://www.zerodayinitiative.com/blog/2019/4/18/the-story-of-two-winning-pwn2own-jit-vulnerabilities-in-mozilla-firefox 5 comments
- Remote Root in DirectTV's Wireless Video Bridge https://www.zerodayinitiative.com/blog/2017/12/13/remote-root-in-directvs-wireless-video-bridge-a-tale-of-rage-and-despair 4 comments
- The Results – Pwn2Own 2017 Day Three https://www.zerodayinitiative.com/blog/2017/3/17/the-results-pwn2own-2017-day-three 13 comments
Lobsters
- But You Told Me You Were Safe: Attacking the Mozilla Firefox Renderer (Part 1) https://www.zerodayinitiative.com/blog/2022/8/17/but-you-told-me-you-were-safe-attacking-the-mozilla-firefox-renderer-part-1 4 comments browsers, security
- When playing with crypto watch out for things like the WinRAR vulnerability https://www.zerodayinitiative.com/advisories/ZDI-23-1152/ 71 comments cryptocurrency
- CVE-2023-36934: Progress Software MOVEit Transfer SQL Injection Remote Code Execution Vulnerability https://www.zerodayinitiative.com/blog/2023/7/19/cve-2023-36934-progress-software-moveit-transfer-sql-injection-remote-code-execution-vulnerability 2 comments reverseengineering
- CVE-2022-38108: RCE in SolarWinds Network Performance Monitor https://www.zerodayinitiative.com/blog/2023/2/27/cve-2022-38108-rce-in-solarwinds-network-performance-monitor 2 comments reverseengineering
- CVE-2022-35690: Unauthenticated RCE in Adobe ColdFusion https://www.zerodayinitiative.com/blog/2023/1/18/cve-2022-35690-unauthenticated-rce-in-adobe-coldfusion 3 comments reverseengineering
- Linux Kernel ksmbd Use-After-Free Remote Code Execution Vulnerability ZDI-22-1690 CVSS SCORE 10.0 https://www.zerodayinitiative.com/advisories/ZDI-22-1690/ 78 comments linux
- Analyzing BSD Kernels for Uninitialized Memory Disclosures using Binary Ninja https://www.zerodayinitiative.com/blog/2022/9/19/mindshare-analyzing-bsd-kernels-with-binary-ninja 2 comments reverseengineering
- CVE-2022-34715: More Microsoft Windows NFS v4 Remote Code Execution https://www.zerodayinitiative.com/blog/2022/8/31/cve-2022-34715-more-microsoft-windows-nfs-v4-remote-code-execution 3 comments reverseengineering
- Zero Day Initiative — But You Told Me You Were Safe: Attacking the Mozilla Firefox Renderer (Part 1) https://www.zerodayinitiative.com/blog/2022/8/17/but-you-told-me-you-were-safe-attacking-the-mozilla-firefox-renderer-part-1 4 comments netsec
- Looking at Patch Gap Vulnerabilities in the VMware ESXi TCP/IP Stack https://www.zerodayinitiative.com/blog/2022/7/25/looking-at-patch-gap-vulnerabilities-in-the-vmware-esxi-tcpip-stack 2 comments reverseengineering
- CVE-2022-30136: Microsoft Windows NFS v4 Remote Code Execution Vulnerability https://www.zerodayinitiative.com/blog/2022/7/13/cve-2022-30136-microsoft-windows-network-file-system-v4-remote-code-execution-vulnerability 3 comments reverseengineering
- Abusing Arbitrary File Deletes in Microsoft Windows to Escalate Privilege and Other Great Tricks https://www.zerodayinitiative.com/blog/2022/3/16/abusing-arbitrary-file-deletes-to-escalate-privilege-and-other-great-tricks 2 comments reverseengineering
- ZDI-CAN-12671: Windows Kernel DoS/Privilege Escalation via a NULL Pointer Deref https://www.zerodayinitiative.com/blog/2021/1/27/zdi-can-12671-windows-kernel-dosprivilege-escalation-via-a-null-pointer-deref 3 comments netsec
- Static Taint Analysis using Binary Ninja: A Case Study of MySQL Cluster Vulnerabilities https://www.zerodayinitiative.com/blog/2022/2/14/static-taint-analysis-using-binary-ninja-a-case-study-of-mysql-cluster-vulnerabilities 2 comments reverseengineering
- When MySQL Cluster Encounters Taint Analysis: Finding bugs in MySQL using the Clang Static Analyzer and CodeQL tools https://www.zerodayinitiative.com/blog/2022/2/10/mindshare-when-mysql-cluster-encounters-taint-analysis 2 comments reverseengineering
- CVE-2021-45105: Denial of Service via Uncontrolled Recursion in Log4j StrSubstitutor https://www.zerodayinitiative.com/blog/2021/12/17/cve-2021-45105-denial-of-service-via-uncontrolled-recursion-in-log4j-strsubstitutor 9 comments reverseengineering
- Understanding the Root Cause of CVE-2021-21220 – A Chrome Bug from Pwn2Own 2021 [Part 2 of 3] https://www.zerodayinitiative.com/blog/2021/12/8/understanding-the-root-cause-of-cve-2021-21220-a-chrome-bug-from-pwn2own-2021 3 comments reverseengineering
- Two Birds with One Stone: An Introduction to V8 and JIT Exploitation https://www.zerodayinitiative.com/blog/2021/12/6/two-birds-with-one-stone-an-introduction-to-v8-and-jit-exploitation 3 comments reverseengineering
- ProxyToken: An Authentication Bypass in Microsoft Exchange Server https://www.zerodayinitiative.com/blog/2021/8/30/proxytoken-an-authentication-bypass-in-microsoft-exchange-server 3 comments reverseengineering
- CVE-2021-26892: An Authorization Bypass on the Microsoft Windows EFI System Partition https://www.zerodayinitiative.com/blog/2021/6/30/cve-2021-26892-an-authorization-bypass-on-the-microsoft-windows-efi-system-partition 5 comments reverseengineering
- CVE-2021-31166: A Wormable Code Execution Bug in HTTP.sys https://www.zerodayinitiative.com/blog/2021/5/17/cve-2021-31166-a-wormable-code-execution-bug-in-httpsys 2 comments reverseengineering
- CVE-2021-20226: A reference-counting bug in the Linux kernel io_uring subsystem that can be leveraged for local privilege escalation https://www.zerodayinitiative.com/blog/2021/4/22/cve-2021-20226-a-reference-counting-bug-in-the-linux-kernel-iouring-subsystem 3 comments reverseengineering
- The Battle Between White Box and Black Box Bug Hunting in Wireless Routers: Two Different Approaches that Lead to Similar Results https://www.zerodayinitiative.com/blog/2021/3/11/the-battle-between-white-box-and-black-box-bug-hunting-in-wireless-routers 2 comments reverseengineering
- Three more bugs in SolarWinds Orion, including a privilege escalation that could lead to Administrative privs https://www.zerodayinitiative.com/blog/2021/2/11/three-more-bugs-in-orions-belt 4 comments reverseengineering
- Details on a Windows kernel NULL pointer deref that can lead to a DoS, or in rare cases, local privilege escalation https://www.zerodayinitiative.com/blog/2021/1/27/zdi-can-12671-windows-kernel-dosprivilege-escalation-via-a-null-pointer-deref 3 comments reverseengineering
- CVE-2020-27897: Apple macOS Kernel OOB Write Privilege Escalation Vulnerability https://www.zerodayinitiative.com/blog/2020/12/9/cve-2020-27897-apple-macos-kernel-oob-write-privilege-escalation-vulnerability 5 comments reverseengineering
- Finding unicorns: when the C++ compiler writes the vulnerability https://www.zerodayinitiative.com/blog/2019/2/28/finding-unicorns-when-the-c-compiler-writes-the-vuln 16 comments cpp
- A 0Day vulnerability in MS Windows has gone public because Microsoft missed the canonical 120 days deadline https://www.zerodayinitiative.com/advisories/zdi-18-1075/ 586 comments programming
- Details of the Mozilla Firefox exploit used at the recent Pwn2Own contest and the patch that fixed it. https://www.zerodayinitiative.com/blog/2018/4/5/quickly-pwned-quickly-patched-details-of-the-mozilla-pwn2own-exploit 6 comments netsec
- Demonstrating a VMware guest-to-host escape: ZDI researchers break down a winning Pwn2Own exploit chain that executes code on the hypervisor. https://www.zerodayinitiative.com/blog/2018/3/1/vmware-exploitation-through-uninitialized-buffers 6 comments netsec
- Analyzing a Safari exploit and patch from Pwn2Own 2017 https://www.zerodayinitiative.com/blog/2017/10/27/on-the-trail-to-mobile-pwn2own 2 comments netsec
- VMware Escapology - Researchers from ZDI release Metasploit modules for VMware Escapes https://www.zerodayinitiative.com/blog/2017/10/04/vmware-escapology-how-to-houdini-the-hypervisor 8 comments netsec
- Apache 2.x Zero Day Vuln. (mod_status) http://www.zerodayinitiative.com/advisories/zdi-14-236/ 9 comments netsec
- (0Day) (Mobile Pwn2Own) Polaris Viewer DOCX VML Shape Tag Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/zdi-13-211/ 6 comments netsec