| 1670 | How The Tables Have Turned: An analysis of two new Linux vulnerabilities in nf_tables |
Memory corruption
Local Privilege Escalation |
Linux Kernel Organization |
David Bouman (@pqlqpql) |
Bug Bounty | 2022-04-02 | 2023-06-13 |
| 1631 | Inside the Black Box | How We Fuzzed Microsoft Defender for IoT and Found Multiple Vulnerabilities |
DoS
Memory corruption |
Microsoft |
Kasif Dekel (@kasifdekel) |
Bug Bounty | 2022-04-13 | 2023-06-13 |
| 1626 | Blinding Snort: Breaking The Modbus OT Preprocessor |
Memory corruption |
Cisco |
Claroty%27s Team82 (@Claroty) |
Bug Bounty | 2022-04-14 | 2023-06-13 |
| 1544 | Exploiting an Unbounded memcpy in Parallels Desktop: A Pwn2Own 2021 Guest-to-Host Virtualization Escape |
Memory corruption |
Parallels |
RET2 Systems (@ret2systems) |
Bug Bounty | 2022-05-19 | 2023-06-13 |
| 1522 | The Printer Goes BRRRRR!!! |
Memory corruption |
HP
Lexmark
Canon |
Mehdi Talbi (@abu_y0ussef) |
Bug Bounty | 2022-05-25 | 2023-06-13 |
| 1501 | Is Exploiting A Null Pointer Deref For LPE Just A Pipe Dream? |
Memory corruption |
Microsoft (Bitdefender) |
Michael DePlante (@izobashi) |
Bug Bounty | 2022-06-02 | 2023-06-13 |
| 1496 | Multiple vulnerabilities in Zyxel zysh |
OS command injection
Memory corruption |
Zyxel |
Marco Ivaldi / Raptor (@0xdea) |
Bug Bounty | 2022-06-07 | 2023-06-13 |
| 1493 | CVE-2022-26937: Microsoft Windows Network File System NLM Portmap Stack Buffer Overflow |
Buffer Overflow
Memory corruption |
Microsoft |
Yuki Chen (@guhe120) |
Bug Bounty | 2022-06-08 | 2023-06-13 |
| 1481 | A Story of a Bug Found Fuzzing |
Browser hacking
Memory corruption |
Google
Microsoft |
Abdulrhman Alqabandi (@qab) |
Bug Bounty | 2022-06-11 | 2023-06-13 |
| 1475 | Yet another bug into Netfilter |
Memory corruption
Local Privilege Escalation |
Linux Kernel Organization |
Arthur Mongodin |
Bug Bounty | 2022-06-13 | 2023-06-13 |
| 1463 | [BugTales] UnZiploc: From 0-click To Platform Compromise |
Memory corruption
Logic flaw
RCE
Local Privilege Escalation |
Huawei |
Daniel Komaromy (@kutyacica) |
Bug Bounty | 2022-06-14 | 2023-06-13 |
| 1461 | Breaking Secure Boot on Google Nest Hub (2nd Gen) to run Ubuntu |
Hardware hacking
Memory corruption |
Google |
Frédéric Basse (@FredoBasse) |
Bug Bounty | 2022-06-15 | 2023-06-13 |
| 1459 | CVE-2022-23088: Exploiting A Heap Overflow In The Freebsd Wi-fi Stack |
Memory corruption
RCE |
FreeBSD Security Team |
m00nbsd (@m00nbsd) |
Bug Bounty | 2022-06-16 | 2023-06-13 |
| 1456 | The Android kernel mitigations obstacle race |
Memory corruption
Android |
Qualcomm |
Man Yue Mo (@mmolgtm) |
Bug Bounty | 2022-06-16 | 2023-06-13 |
| 1431 | mysqlnd/pdo password buffer overflow leading to RCE (CVE 2022-31626) |
Buffer Overflow
Memory corruption |
PHP |
Charles Fol (@cfreal_) |
Bug Bounty | 2022-06-25 | 2023-06-13 |
| 1406 | Get root on macOS 12.3.1: proof-of-concepts for Linus Henze%27s CoreTrust and DriverKit bugs (CVE-2022-26766, CVE-2022-26763) |
Signature validation bypass
Memory corruption
Local Privilege Escalation
MacOS |
Apple |
Zhuowei Zhang (@zhuowei) |
Bug Bounty | 2022-07-02 | 2023-06-13 |
| 1368 | CVE-2022-30136: Microsoft Windows Network File System V4 Remote Code Execution Vulnerability |
RCE
DoS
Memory corruption |
Microsoft |
Yuki Chen (@guhe120) |
Bug Bounty | 2022-07-14 | 2023-06-13 |
| 1336 | [CVE-2022-34918] A crack in the Linux firewall |
Memory corruption
Local Privilege Escalation |
Linux Kernel Organization |
Arthur Mongodin |
Bug Bounty | 2022-07-20 | 2023-06-13 |
| 1321 | Technical Advisory – Multiple vulnerabilities in Nuki smart locks (CVE-2022-32509, CVE-2022-32504, CVE-2022-32502, CVE-2022-32507, CVE-2022-32503, CVE-2022-32510, CVE-2022-32506, CVE-2022-32508, CVE-2022-32505) |
Memory corruption
DoS
Broken Access Control
Sensitive Information Sent Over an Unencrypted Channel |
Nuki |
Daniel Romero (@daniel_rome) |
Bug Bounty | 2022-07-25 | 2023-06-13 |
| 1302 | Corrupting memory without memory corruption |
Memory corruption |
Google |
Man Yue Mo (@mmolgtm) |
Bug Bounty | 2022-07-27 | 2023-06-13 |
| 1297 | Arris / Arris-variant DSL/Fiber router critical vulnerability exposure |
Path traversal
Memory corruption |
ARRIS |
Derek Abdine (@dabdine) |
Bug Bounty | 2022-07-29 | 2023-06-13 |
| 1290 | Analysis of Adobe Acrobat Reader Javascript Doc.print() Use-After-Free Vulnerability (CVE-2022-34233) |
Memory corruption |
Adobe |
ThreatLabz (@Threatlabz) |
Bug Bounty | 2022-08-01 | 2023-06-13 |
| 1274 | CVE-2022-29582 - An io_uring vulnerability |
Memory corruption |
Google |
Jayden (@Awarau1) |
Bug Bounty | 2022-08-06 | 2023-06-13 |
| 1270 | SSD Advisory – Apple Safari ICU Out-Of-Bounds Write |
Memory corruption
Out-of-bounds Write |
Apple |
Dohyun Lee (@l33d0hyun) |
Bug Bounty | 2022-08-07 | 2023-06-13 |
| 1261 | The quantum state of Linux kernel garbage collection CVE-2021-0920 (Part I) |
Memory corruption
Race condition
Local Privilege Escalation
Android |
Linux Kernel Organization
Google
Samsung |
Xingyu Jin |
Bug Bounty | 2022-08-10 | 2023-06-13 |
