Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
409The code that wasn’t there: Reading memory on an Android device by accident Kernel hacking Android Memory leak Memory corruption Qualcomm Man Yue Mo (@mmolgtm) Bug Bounty2023-02-232023-06-13
365Hacking the Nintendo DSi Browser Memory corruption Use-After-Free Browser hacking Nintendo Nathan Farlow (@0x1337cafe) Bug Bounty2023-03-022023-06-13
351Microsoft Word RTF Font Table Heap Corruption Memory corruption Microsoft (Office) Joshua J. Drake (@jduck) Bug Bounty2023-03-052023-06-13
304Vulnerabilities in the TPM 2.0 reference implementation code Memory corruption Out-of-bounds Read Out-of-bounds Write Microsoft VMware Google IBM Lenovo Qemu Nuvoton Trusted Computing Group STMicroelectronics Aruba Networks CERT/CC libtpms Francisco Falcon (@fdfalcon) Bug Bounty2023-03-142023-06-13
303Producing a POC for CVE-2022-42475 (Fortinet RCE) Memory corruption RCE Integer overflow Heap overflow Fortinet Alain Mowat (@plopz0r) Bug Bounty2023-03-142023-06-13
221Escaping Adobe Sandbox: Exploiting an Integer Overflow in Microsoft Windows Crypto Provider Integer overflow Memory corruption Microsoft Michele Campa (@s1ckb017) Bug Bounty2023-04-062023-06-13
209Shell in the Ghost: Ghostscript CVE-2023-28879 writeup Buffer Overflow Memory corruption RCE Ghostscript sigabrt9 (@sigabrt9) Bug Bounty2023-04-112023-06-13
176CVE-2022-29844: A Classic Buffer Overflow On The Western Digital My Cloud Pro Series PR4100 Buffer Overflow Memory corruption RCE Western Digital Luca Moro (@johncool__) Bug Bounty2023-04-202023-06-13
173The Fuzzing Guide to the Galaxy: An Attempt with Android System Services Android Fuzzing Heap overflow Integer overflow Out-of-bounds Write Memory corruption Local Privilege Escalation Samsung Anthony Remy Bug Bounty2023-04-202023-06-13
165Compromising Garmin’s Sport Watches: A Deep Dive into GarminOS and its MonkeyC Virtual Machine IoT Memory corruption Buffer Overflow Integer overflow Out-of-bounds Read Out-of-bounds Write Type confusion Permission bypass Reverse engineering Garmin Tao Sauvage Bug Bounty2023-04-212023-06-13
134CVE-2023-28231: RCE In The Microsoft Windows DHCPv6 Service RCE Buffer Overflow Memory corruption Microsoft (Windows) Guy Lederfein (@glederfein) Bug Bounty2023-05-022023-06-13
127The Art of Information Disclosure: A Deep Dive into CVE-2022-37985, a Unique Information Disclosure Vulnerability in Windows Graphics Component Out-of-bounds Read Memory corruption Microsoft (Windows) Bing Sun Bug Bounty2023-05-032023-06-13
98The Printer Goes Brrrrr, Again! Printer hacking Buffer Overflow Memory corruption Canon Rémi Jullian (@netsecurity1) Bug Bounty2023-05-122023-06-13
96CS:GO: From Zero to 0-day Game hacking RCE Memory corruption Arbitrary file download Arbitrary file write DLL Hijacking Privilege Escalation Valve (CS:GO) Felipe Bug Bounty2023-05-132023-06-13
88FriendlyName’ Buffer Overflow Vulnerability in Wemo Smart Plug V2 IoT Buffer Overflow Memory corruption Reverse engineering Belkin (Wemo) Amit Serper (@0xAmit) Bug Bounty2023-05-162023-06-13
74Blind OS Command Injection via Activation Request Memory corruption Buffer Overflow Out-of-bounds Read VMware Nguyễn Hoàng Thạch (@hi_im_d4rkn3ss) Bug Bounty2023-05-182023-06-13
53Exploiting The Sonos One Speaker Three Different Ways: A Pwn2Own Toronto Highlight Memory corruption RCE Out-of-bounds Read Sonos The ZDI Research Team (@thezdi) Bug Bounty2023-05-252023-06-13
52Exploring Three Remote Code Execution Vulnerabilities in RPC Runtime RCE MS-RPC Integer overflow Memory corruption Microsoft (Windows) Ben Barnea (@nachoskrnl) Bug Bounty2023-05-262023-06-13
37Anatomy of an IoT Exploit, from Hands-On to RCE IoT RCE Buffer Overflow Memory corruption Wavlink David Baker Bug Bounty2023-06-012023-06-13