Pwn2Own Returns to Ireland with a One Million Dollar WhatsApp Target

July 31, 2025 | Dustin Childs CONTINUE READING

CVE-2024-20697: Windows Libarchive Remote Code Execution Vulnerability

Blog post

CVE-2024-20697: Windows Libarchive Remote Code Execution Vulnerability

April 17, 2024
Windows, RAR, Research

CVE-2023-36049: Microsoft .NET CRLF Injection Arbitrary File Write/Deletion Vulnerability

Blog post

CVE-2023-36049: Microsoft .NET CRLF Injection Arbitrary File Write/Deletion Vulnerability

March 06, 2024
Microsoft, .NET Framework, Research

CVE-2023-46263: Ivanti Avalanche Arbitrary File Upload Vulnerability

Blog post

CVE-2023-46263: Ivanti Avalanche Arbitrary File Upload Vulnerability

February 06, 2024
Ivanti, Research

CVE-2023-38600: Story of an innocent Apple Safari copyWithin gone (way) outside

Blog post

CVE-2023-38600: Story of an innocent Apple Safari copyWithin gone (way) outside

October 18, 2023
Apple, Safari, Underflow, Research

Looking at the Attack Surface of the Sony XAV-AX5500 Head Unit

Blog post

Looking at the Attack Surface of the Sony XAV-AX5500 Head Unit

October 05, 2023
Sony, Automotive, Infotainment, Research

Finding Deserialization Bugs in the SolarWinds Platform

Blog post

Finding Deserialization Bugs in the SolarWinds Platform

September 21, 2023
SolarWinds, Deserialization, Research

CVE-2023-35150: Arbitrary Code Injection in XWiki.org XWiki

Blog post

CVE-2023-35150: Arbitrary Code Injection in XWiki.org XWiki

August 23, 2023
XWiki, Research, Exploit

Exploiting a Flaw in Bitmap Handling in Windows User-Mode Printer Drivers

Blog post

Exploiting a Flaw in Bitmap Handling in Windows User-Mode Printer Drivers

August 02, 2023
Microsoft, Kernel, LPE

CVE-2023-36934: Progress Software MOVEit Transfer SQL Injection Remote Code Execution Vulnerability

Blog post

CVE-2023-36934: Progress Software MOVEit Transfer SQL Injection Remote Code Execution Vulnerability

July 20, 2023
Progress, MOVEit, Research

CVE-2023-20864: Remote Code Execution in VMware Aria Operations for Logs

Blog post

CVE-2023-20864: Remote Code Execution in VMware Aria Operations for Logs

June 29, 2023
VMware, Aria, Research