Pwn2Own Toronto 2023 - Day Three Results October 26, 2023 | Dustin Childs... 2023-10-26 21:17:58 | 阅读: 10 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com pwn2own toronto mf753cdw tuned eastern

Pwn2Own Toronto 2023 - Day Two Results October 25, 2023 | Dustin Childs... 2023-10-25 21:26:1 | 阅读: 11 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com pwn2own toronto sonos viettel dustin

Pwn2Own Toronto 2023 - Day One Results October 24, 2023 | Dustin Childs... 2023-10-24 21:28:38 | 阅读: 10 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com pwn2own toronto dustin qnap synology

Pwn2Own Toronto 2023 - The Full Schedule Welcome to Pwn2Own Toronto for 2023! Last year’s event was our largest ever, and this year’s cont... 2023-10-24 07:21:35 | 阅读: 12 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com printers canon wednesday tuesday thursday

CVE-2023-38600: Story of an innocent Apple Safari copyWithin gone (way) outside In May 2023, we received a vulnerability report from... 2023-10-19 00:56:23 | 阅读: 14 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com arraybuffer valueof memmove underflow

The October 2023 Security Update Review Twenty years ago this month, Microsoft introduced the concept of “Patch Tuesday” – although the m... 2023-10-11 01:29:38 | 阅读: 14 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com microsoft attacker cves queuing windows

Looking at the Attack Surface of the Sony XAV-AX5500 Head Unit Last month, we looked at the attack surface of the Sony XAV-AX5500 – one of the targets in the upc... 2023-10-5 23:37:8 | 阅读: 12 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com sony xav ax5500 handset weblink

Finding Deserialization Bugs in the SolarWind Platform It’s been a while since I have written a blog post, p... 2023-9-22 00:12:53 | 阅读: 22 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com retrieved attacker payload amqp

The September 2023 Security Update Review Hello and welcome to another patch Tuesday in what continues to be a hot 0-day summer, with new e... 2023-9-13 01:28:21 | 阅读: 18 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com microsoft attacker exchange cves remote

Looking at the ChargePoint Home Flex Threat Landscape We recently announced the rules and targets for the upcoming Pwn2Own Automotive competition. As we... 2023-9-8 00:9:40 | 阅读: 16 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com chargepoint charger network hardware

Revealing the Targets and Rules for the First Pwn2Own Automotive If you just want to read the rules, you can find them... 2023-8-29 23:4:17 | 阅读: 14 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com automotive pwn2own contest vehicle ev

CVE-2023-35150: Arbitrary Code Injection in XWiki.org XWiki In this excerpt of a Trend Micro Vulnerability Researc... 2023-8-23 23:46:33 | 阅读: 64 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com xwiki invitation wiki injection attacker

The August 2023 Security Update Review Greetings from hacker summer camp! Black Hat and DEFCON start this week, but let’s kick everythin... 2023-8-9 01:30:16 | 阅读: 24 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com microsoft attacker cves queuing exchange

Exploiting a Flaw in Bitmap Handling in Windows User-Mode Printer Drivers In this guest blog from researcher Marcin Wiązowski, h... 2023-8-3 00:9:6 | 阅读: 21 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com surfobj umso printer win32kfull

CVE-2023-36934: Progress Software MOVEit Transfer SQL Injection Remote Code Execution Vulnerability MOVEit supports the encryption of sensitive HTTP query parameters when generating redirection URLs.... 2023-7-20 23:55:23 | 阅读: 29 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com moveit silglobals decrypted dmz classlib

The SOHO Smashup Returns for Pwn2Own Toronto 2023 If you just want to read the rules, you can find them... 2023-7-13 23:9:50 | 阅读: 18 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com contest pwn2own network toronto contestants

The July 2023 Security Update Review It’s the second Tuesday of the month, which means Adobe and Microsoft have released their latest s... 2023-7-12 01:30:6 | 阅读: 34 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com microsoft attacker remote windows bypass

CVE-2023-20864: Remote Code Execution in VMware Aria Operations for Logs In this excerpt of a Trend Micro Vulnerability Researc... 2023-6-29 23:58:49 | 阅读: 53 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com serialized aria loginsight lang3

CVE-2022-31696: An Analysis of a VMware ESXi TCP Socket Keepalive Type Confusion LPE Last year we published our patch gap analysis of ESXi’s... 2023-6-23 00:0:0 | 阅读: 35 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com freebsd timers memory callout vmkernel

The June 2023 Security Update Review It’s the second Tuesday of the month, which means Adobe and Microsoft have released their latest... 2023-6-14 01:28:34 | 阅读: 17 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com microsoft attacker bypass exchange remote