Crafting a Full Exploit RCE from a Crash in Autodesk Revit RFA File Parsing

October 08, 2025 | Simon Zuckerbraun CONTINUE READING

(Web)Access (Un)Control

Blog post

(Web)Access (Un)Control

March 07, 2019
Advantech, SCADA, Research

Finding Unicorns: When the C++ Compiler Writes the Vuln

Blog post

Finding Unicorns: When the C++ Compiler Writes the Vuln

February 28, 2019
Microsoft, Visual Studio, Research

The February 2019 Security Update Review

Blog post

The February 2019 Security Update Review

February 12, 2019
Microsoft, Adobe, Security Patch

Using the Weblinks API to Reach JavaScript UAFs in Adobe Reader

Blog post

Using the Weblinks API to Reach JavaScript UAFs in Adobe Reader

February 06, 2019
Adobe, Acrobat, Research

Implementing Fuzz Logics with Dharma

Blog post

Implementing Fuzz Logics with Dharma

January 31, 2019
Dharma, Research, Foxit, Fuzzer

Of ISOs and Attorneys: Legal Action in Vulnerability Disclosure

Blog post

Of ISOs and Attorneys: Legal Action in Vulnerability Disclosure

January 29, 2019
Program News, Disclosure

The ZDI 2018 Retrospective

Blog post

The ZDI 2018 Retrospective

January 17, 2019
Retrospective, Stats

Pwn2Own Vancouver 2019: Tesla, VMware, Microsoft, and More

Blog post

Pwn2Own Vancouver 2019: Tesla, VMware, Microsoft, and More

January 14, 2019
Pwn2Own, Tesla, Microsoft, Google, Adobe, Apple

The January 2019 Security Update Review

Blog post

The January 2019 Security Update Review

January 08, 2019
Microsoft, Adobe, Security Patch

ZDI-18-1372 – The Elegant Bypass

Blog post

ZDI-18-1372 – The Elegant Bypass

December 21, 2018
Top 5, Adobe, Research