CVE-2025-20281: Cisco ISE API Unauthenticated Remote Code Execution Vulnerability

July 25, 2025 | Bobby Gould CONTINUE READING

Invariantly Exploitable Input: An Apple Safari Bug Worth Revisiting

Blog post

Invariantly Exploitable Input: An Apple Safari Bug Worth Revisiting

December 20, 2017
Apple, Safari, Research, Top 5

Apache Groovy Deserialization: A Cunning Exploit Chain to Bypass a Patch

Blog post

Apache Groovy Deserialization: A Cunning Exploit Chain to Bypass a Patch

December 19, 2017
Apache, Research, Top 5

Reading Backwards – Controlling an Integer Underflow in Adobe Reader

Blog post

Reading Backwards – Controlling an Integer Underflow in Adobe Reader

December 18, 2017
Adobe, Top 5, Research

The December 2017 Security Update Review

Blog post

The December 2017 Security Update Review

December 12, 2017
Adobe, Apple, Microsoft, Security Patch

Exploiting Untrusted Objects through Deserialization: Analyzing 1 of 100+ HPE Bug Submissions

Blog post

Exploiting Untrusted Objects through Deserialization: Analyzing 1 of 100+ HPE Bug Submissions

December 01, 2017
HPE, Research, Exploit

The November 2017 Security Update Review

Blog post

The November 2017 Security Update Review

November 14, 2017
Adobe, Microsoft, Security Patch

On the Trail to Mobile Pwn2Own

Blog post

On the Trail to Mobile Pwn2Own

October 27, 2017
Pwn2Own, Apple, Research, Exploit

Wrapping the Converter within Foxit Reader

Blog post

Wrapping the Converter within Foxit Reader

October 17, 2017
Foxit, Research, Techniques

The October 2017 Security Update Review

Blog post

The October 2017 Security Update Review

October 10, 2017
Adobe, Apple, Microsoft, Security Patch

Check it Out: Enforcement of Bounds Checks in Native JIT Code

Blog post

Check it Out: Enforcement of Bounds Checks in Native JIT Code

October 05, 2017
Research, JavaScript, Chakra