CVE-2025-20281: Cisco ISE API Unauthenticated Remote Code Execution Vulnerability

July 25, 2025 | Bobby Gould CONTINUE READING

CVE-2024-21115: An Oracle VirtualBox LPE Used to Win Pwn2Own

Blog post

CVE-2024-21115: An Oracle VirtualBox LPE Used to Win Pwn2Own

May 09, 2024
Pwn2Own, Oracle, VirtualBox

Pwn2Own Vancouver 2024 - Day Two Results

Blog post

Pwn2Own Vancouver 2024 - Day Two Results

March 21, 2024
Pwn2Own, Microsoft, Mozilla, Docker, VMware, Linux, Oracle

Pwn2Own Vancouver 2023 - Day Two Results

Blog post

Pwn2Own Vancouver 2023 - Day Two Results

March 23, 2023
Pwn2Own, Oracle, Tesla, Microsoft

Pwn2Own Vancouver 2023 - Day One Results

Blog post

Pwn2Own Vancouver 2023 - Day One Results

March 22, 2023
Pwn2Own, Tesla, Microsoft, Apple, Oracle

CVE-2021-2429: A Heap-based Buffer Overflow Bug in the MySQL InnoDB memcached Plugin

Blog post

CVE-2021-2429: A Heap-based Buffer Overflow Bug in the MySQL InnoDB memcached Plugin

September 02, 2021
MySQL, Oracle, Research

CVE-2020-7454: Killing Two Birds with One Bug in libalias

Blog post

CVE-2020-7454: Killing Two Birds with One Bug in libalias

June 30, 2020
Oracle, FreeBSD, Research

Details on the Oracle WebLogic Vulnerability Being Exploited in the Wild

Blog post

Details on the Oracle WebLogic Vulnerability Being Exploited in the Wild

May 11, 2020
Oracle, WebLogic, Exploit

Pwn2Own Day Two – Results and Master of Pwn

Blog post

Pwn2Own Day Two – Results and Master of Pwn

March 20, 2020
Pwn2Own, Windows, Oracle, Adobe, VMware

CVE-2020-2555: RCE Through a Deserialization Bug in Oracle’s WebLogic Server

Blog post

CVE-2020-2555: RCE Through a Deserialization Bug in Oracle’s WebLogic Server

March 05, 2020
Oracle, WebLogic, Exploit

Patch Analysis: Examining a Missing Dot-Dot in Oracle WebLogic

Blog post

Patch Analysis: Examining a Missing Dot-Dot in Oracle WebLogic

September 17, 2019
Oracle, Research, Security Patch