Pwn2Own Berlin 2025: Day Three Results

May 17, 2025 | Dustin Childs CONTINUE READING

VirtualBox 3D Acceleration: An accelerated attack surface

Blog post

VirtualBox 3D Acceleration: An accelerated attack surface

August 29, 2018
Research, Oracle, VirtualBox

Floating-Poison Math in Chakra

Blog post

Floating-Poison Math in Chakra

August 22, 2018
Chakra, JavaScript, Research

Throwing Shade: Analysis of a Foxit Integer Overflow

Blog post

Throwing Shade: Analysis of a Foxit Integer Overflow

August 01, 2018
Research, Foxit, PDF

Analyzing an Integer Overflow in Bitdefender AV: Part 2 – The Exploit

Blog post

Analyzing an Integer Overflow in Bitdefender AV: Part 2 – The Exploit

June 21, 2018
Research, Exploit, Bitdefender

Analyzing an Integer Overflow in Bitdefender AV: Part 1 – The Vulnerability

Blog post

Analyzing an Integer Overflow in Bitdefender AV: Part 1 – The Vulnerability

June 19, 2018
Bitdefender, Research, Exploit

Down the Rabbit Hole - A Deep Dive into an attack on an RPC interface

Blog post

Down the Rabbit Hole - A Deep Dive into an attack on an RPC interface

June 07, 2018
Advantech, SCADA, Research, Exploit

Malicious Intent using Adobe Acrobat's OCG setIntent

Blog post

Malicious Intent using Adobe Acrobat's OCG setIntent

May 29, 2018
Research, Adobe, Acrobat

It’s Time to Terminate the Terminator

Blog post

It’s Time to Terminate the Terminator

May 15, 2018
VBScript, Research, Microsoft

Running with Scissors: The Dangers of Cutting and Pasting Sample Code

Blog post

Running with Scissors: The Dangers of Cutting and Pasting Sample Code

May 02, 2018
Research, JSON

When Java throws you a Lemon, make Limenade: Sandbox escape by type confusion

Blog post

When Java throws you a Lemon, make Limenade: Sandbox escape by type confusion

April 25, 2018
Java, Oracle, Research