Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
4070Nuget/Squirrel uncontrolled endpoints leads to arbitrary code execution RCE Microsoft Reegun J (@reegun21) Bug Bounty2019-06-282023-06-13
3185Oversecured automatically discovers persistent code execution in the Google Play Core Library Arbitrary Code Execution Android Google Oversecured (@OversecuredInc) Bug Bounty2020-08-282023-06-13
3122Arbitrary code execution on Facebook for Android through download feature Arbitrary code execution Meta / Facebook Sayed Abdelhafiz (@dPhoeniixx) Bug Bounty2020-10-022023-06-13
2640Allow arbitrary URLs, expect arbitrary code execution RCE Nextcloud Telegram VLC Fabian Bräunlein Bug Bounty2021-04-152023-06-13
2581ExifTool CVE-2021-22204 - Arbitrary Code Execution RCE GitLab William Bowling / vakzz (@wcbowling) Bug Bounty2021-05-042023-06-13
1106Pwn2Own Miami 2022: AVEVA Edge Arbitrary Code Execution Arbitrary Code Execution Local Privilege Escalation AVEVA Daan Keuper (@daankeuper) Bug Bounty2022-09-082023-06-13
1088Hacking Unity Games with Malicious GameObjects Arbitrary code execution RCE Unity Jason Kielpinski (@f2jason) Bug Bounty2022-09-132023-06-13
948Pwn2Own Miami 2022: ICONICS GENESIS64 Arbitrary Code Execution RCE ICONICS Sector 7 (@sector7_nl) Bug Bounty2022-10-172023-06-13
764Multiple Vulnerabilities found in Airtel Android Application Arbitrary Code Execution URL validation bypass Symlink attack XSS Android Webview Airtel Google Gaurang Bhatnagar (@hax0rgb) Bug Bounty2022-11-272023-06-13
220A web security story from 2008: silently securing JSON.parse Parsing issue XSS Arbitrary Code Execution JSON.parse Mike Samuel (@mvsamuel) Bug Bounty2023-04-062023-06-13
152Git Arbitrary Configuration Injection (CVE-2023-29007) Logic flaw Arbitrary Code Execution Security code review Git André Baptista (@0xacb) Bug Bounty2023-04-262023-06-13
151Alias file to rule them all — One click code execution with alias file in macOS Arbitrary Code Execution TCC bypass Apple (macOS) Mikko Kenttälä (@Turmio_) Bug Bounty2023-04-262023-06-13