29 January 2025
CVE-2024-49138 Windows CLFS heap-based buffer overflow analysis – Part 2
In the previous article, we discussed […]
29 January 2025
CVE-2024-49138 Windows CLFS heap-based buffer overflow analysis – Part 1
CVE-2024-49138 is a Windows vulnerability detected […]
15 January 2025
From arbitrary pointer dereference to arbitrary read/write in latest Windows 11
In the last part of this […]
9 October 2024
Exploiting AMD atdcm64a.sys arbitrary pointer dereference – Part 3
In the previous part of the […]
2 October 2024
Exploiting AMD atdcm64a.sys arbitrary pointer dereference – Part 2
Welcome back! We concluded the previous […]
25 September 2024
Exploiting AMD atdcm64a.sys arbitrary pointer dereference – Part 1
After attending the OST2 – Exp4011 […]
27 February 2023
Abusing Maven’s pom.xml
Apache Maven is a well-known tool […]
18 January 2023
Nothing new under the Sun – Discovering and exploiting a CDE bug chain
“What has been will be again, […]
7 September 2022
Groovy Template Engine Exploitation – Notes from a real case scenario
Java web applications are far from […]
22 August 2022
Useless path traversals in Zyxel admin interface (CVE-2022-2030)
During our analysis of Zyxel’s device […]
26 July 2022
Zyxel authentication bypass patch analysis (CVE-2022-0342)
A few months ago, new firmware […]
7 June 2022
Multiple vulnerabilities in Zyxel zysh
“We live on a placid island […]