CVE-2025-4919: Corruption via Math Space in Mozilla Firefox

July 15, 2025 | Hossein Lotfi CONTINUE READING

MindShaRE: Decapping Chips for Electromagnetic Fault Injection (EMFI)

Blog post

MindShaRE: Decapping Chips for Electromagnetic Fault Injection (EMFI)

May 23, 2024
MindshaRE, Hardware, Research

CVE-2024-20697: Windows Libarchive Remote Code Execution Vulnerability

Blog post

CVE-2024-20697: Windows Libarchive Remote Code Execution Vulnerability

April 17, 2024
Windows, RAR, Research

CVE-2023-36049: Microsoft .NET CRLF Injection Arbitrary File Write/Deletion Vulnerability

Blog post

CVE-2023-36049: Microsoft .NET CRLF Injection Arbitrary File Write/Deletion Vulnerability

March 06, 2024
Microsoft, .NET Framework, Research

CVE-2023-46263: Ivanti Avalanche Arbitrary File Upload Vulnerability

Blog post

CVE-2023-46263: Ivanti Avalanche Arbitrary File Upload Vulnerability

February 06, 2024
Ivanti, Research

CVE-2023-38600: Story of an innocent Apple Safari copyWithin gone (way) outside

Blog post

CVE-2023-38600: Story of an innocent Apple Safari copyWithin gone (way) outside

October 18, 2023
Apple, Safari, Underflow, Research

Looking at the Attack Surface of the Sony XAV-AX5500 Head Unit

Blog post

Looking at the Attack Surface of the Sony XAV-AX5500 Head Unit

October 05, 2023
Sony, Automotive, Infotainment, Research

Finding Deserialization Bugs in the SolarWinds Platform

Blog post

Finding Deserialization Bugs in the SolarWinds Platform

September 21, 2023
SolarWinds, Deserialization, Research

CVE-2023-35150: Arbitrary Code Injection in XWiki.org XWiki

Blog post

CVE-2023-35150: Arbitrary Code Injection in XWiki.org XWiki

August 23, 2023
XWiki, Research, Exploit

CVE-2023-36934: Progress Software MOVEit Transfer SQL Injection Remote Code Execution Vulnerability

Blog post

CVE-2023-36934: Progress Software MOVEit Transfer SQL Injection Remote Code Execution Vulnerability

July 20, 2023
Progress, MOVEit, Research

CVE-2023-20864: Remote Code Execution in VMware Aria Operations for Logs

Blog post

CVE-2023-20864: Remote Code Execution in VMware Aria Operations for Logs

June 29, 2023
VMware, Aria, Research