CVE-2025-4919: Corruption via Math Space in Mozilla Firefox

July 15, 2025 | Hossein Lotfi CONTINUE READING

Testing for Truthiness: Exploiting Improper Checks

Blog post

Testing for Truthiness: Exploiting Improper Checks

March 09, 2018
Microsoft, Pwn2Own, Research

VMware Exploitation through Uninitialized Buffers

Blog post

VMware Exploitation through Uninitialized Buffers

March 01, 2018
VMware, Exploit, Research, Pwn2Own

Pushing WebKit's Buttons with a Mobile Pwn2Own Exploit

Blog post

Pushing WebKit's Buttons with a Mobile Pwn2Own Exploit

February 12, 2018
Apple, Research, Exploit, MP2O, Pwn2Own

One man's patch is another man's treasure: A tale of a failed HPE patch

Blog post

One man's patch is another man's treasure: A tale of a failed HPE patch

February 06, 2018
HPE, Research, Metasploit

Automating VMware RPC Request Sniffing

Blog post

Automating VMware RPC Request Sniffing

January 19, 2018
VMware, Research

A Matching Pair of Use-After-Free Bugs in Chakra asm.js

Blog post

A Matching Pair of Use-After-Free Bugs in Chakra asm.js

December 22, 2017
JavaScript, Chakra, Research, Top 5

VMware’s Launch escape SYSTEM

Blog post

VMware’s Launch escape SYSTEM

December 21, 2017
VMware, Research, Top 5

Invariantly Exploitable Input: An Apple Safari Bug Worth Revisiting

Blog post

Invariantly Exploitable Input: An Apple Safari Bug Worth Revisiting

December 20, 2017
Apple, Safari, Research, Top 5

Apache Groovy Deserialization: A Cunning Exploit Chain to Bypass a Patch

Blog post

Apache Groovy Deserialization: A Cunning Exploit Chain to Bypass a Patch

December 19, 2017
Apache, Research, Top 5

Reading Backwards – Controlling an Integer Underflow in Adobe Reader

Blog post

Reading Backwards – Controlling an Integer Underflow in Adobe Reader

December 18, 2017
Adobe, Top 5, Research