Pwn2Own Berlin 2025: Day Three Results

May 17, 2025 | Dustin Childs CONTINUE READING

CVE-2023-38600: Story of an innocent Apple Safari copyWithin gone (way) outside

Blog post

CVE-2023-38600: Story of an innocent Apple Safari copyWithin gone (way) outside

October 18, 2023
Apple, Safari, Underflow, Research

The October 2023 Security Update Review

Blog post

The October 2023 Security Update Review

October 10, 2023
Adobe, Microsoft, Security Patch

Looking at the Attack Surface of the Sony XAV-AX5500 Head Unit

Blog post

Looking at the Attack Surface of the Sony XAV-AX5500 Head Unit

October 05, 2023
Sony, Automotive, Infotainment, Research

Finding Deserialization Bugs in the SolarWinds Platform

Blog post

Finding Deserialization Bugs in the SolarWinds Platform

September 21, 2023
SolarWinds, Deserialization, Research

The September 2023 Security Update Review

Blog post

The September 2023 Security Update Review

September 12, 2023
Apple, Cisco, Adobe, Microsoft, Security Patch

CVE-2023-35150: Arbitrary Code Injection in XWiki.org XWiki

Blog post

CVE-2023-35150: Arbitrary Code Injection in XWiki.org XWiki

August 23, 2023
XWiki, Research, Exploit

The August 2023 Security Update Review

Blog post

The August 2023 Security Update Review

August 08, 2023
Adobe, Microsoft, Security Patch

CVE-2023-36934: Progress Software MOVEit Transfer SQL Injection Remote Code Execution Vulnerability

Blog post

CVE-2023-36934: Progress Software MOVEit Transfer SQL Injection Remote Code Execution Vulnerability

July 20, 2023
Progress, MOVEit, Research

The July 2023 Security Update Review

Blog post

The July 2023 Security Update Review

July 11, 2023
Security Patch, Apple, Adobe, Microsoft

CVE-2023-20864: Remote Code Execution in VMware Aria Operations for Logs

Blog post

CVE-2023-20864: Remote Code Execution in VMware Aria Operations for Logs

June 29, 2023
VMware, Aria, Research