Pwn2Own Vancouver 2022 - The Schedule Welcome to Pwn2Own Vancouver 2022! This year marks the 15th anniversary of the contest, and we plan... 2022-5-18 07:47:39 | 阅读: 50 | 收藏 | www.thezdi.com elevation microsoft windows security contest

The May 2022 Security Update Review It’s the fifth second Tuesday of 2022, which also means it’s the also the fifth Patch Tuesday of the... 2022-5-11 01:29:19 | 阅读: 64 | 收藏 | www.thezdi.com microsoft windows attacker cves zdi

What to Expect when Exploiting: A Guide to Pwn2Own Participation So you’ve heard of Pwn2Own and think you are up to the challenge of competing in the world’s most pr... 2022-5-4 22:57:58 | 阅读: 15 | 收藏 | www.thezdi.com contest pwn2own competition contestants

Pwn2Own Miami 2022 Results Pwn2Own Miami for 2022 is underway, and we’ve already se... 2022-4-20 00:55:47 | 阅读: 46 | 收藏 | www.thezdi.com pwn2own miami unified amazing peles

Pwn2Own Miami 2022 Schedule Note: All times subject to change - You can see the results and live updates here once they become a... 2022-4-19 07:14:25 | 阅读: 57 | 收藏 | www.thezdi.com opc claroty aveva genesis64 machine

The April 2022 Security Update Review Another Patch Tuesday is upon, and Adobe and Microsoft have released a bevy of new security updat... 2022-4-13 02:8:27 | 阅读: 38 | 收藏 | www.thezdi.com microsoft windows cves attacker remote

CVE-2022-26381: Gone by others! Triggering a UAF in Firefox Memory corruption vulnerabilities have been well know... 2022-4-7 23:51:30 | 阅读: 73 | 收藏 | www.thezdi.com crash memory mozilla asan dereference

Abusing Arbitrary File Deletes to Escalate Privilege and Other Great Tricks What do you do when you’ve found an arbitrary file delete as NT AUTHORITY\SYSTEM? Probably just sigh... 2022-3-17 23:32:27 | 阅读: 66 | 收藏 | www.thezdi.com windows eop rbs rollback oplock

The March 2022 Security Update Review It’s once again Patch Tuesday, which means the latest security updates from Adobe and Microsoft have... 2022-3-9 02:30:49 | 阅读: 87 | 收藏 | www.thezdi.com microsoft attacker windows cves zdi

Clang Checkers and CodeQL Queries for Detecting Untrusted Pointer Derefs and Tainted Loop Conditions In the first blog of the series, we saw how CodeQL and C... 2022-2-24 01:49:0 | 阅读: 49 | 收藏 | www.thezdi.com tainted memory taint analysis checkers

Static Taint Analysis using Binary Ninja: A Case Study of MySQL Cluster Vulnerabilities Taint analysis is an effective technique for finding vul... 2022-2-16 01:4:39 | 阅读: 41 | 收藏 | www.thezdi.com tainted ssa taint mlil analysis

MindShaRE: When MySQL Cluster Encounters Taint Analysis Recently, the ZDI received multiple submissions of vulne... 2022-2-11 00:51:13 | 阅读: 39 | 收藏 | www.thezdi.com taint analysis propagation sanitizer accesses

The February 2022 Security Update Review It’s the second patch Tuesday of 2022, which means the latest security updates from Adobe and Micros... 2022-2-9 02:28:50 | 阅读: 41 | 收藏 | www.thezdi.com microsoft windows attacker remote cves

CVE-2021-44142: Details on a Samba Code Execution Bug Demonstrated at Pwn2Own Austin Recently, Samba released a patch to address an Out-of-Bounds (OOB) Heap Read/Write vulnerability fou... 2022-2-2 06:27:46 | 阅读: 80 | 收藏 | www.thezdi.com samba fruit attacker netatalk pwn2own

CVE-2021-44790: Code Execution on Apache via an Integer Underflow In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, Guy Lederfein... 2022-1-26 01:26:6 | 阅读: 44 | 收藏 | www.thezdi.com lua crlf sequences vlen consecutive

Looking Back at the Zero Day Initiative in 2021 Now that we’re almost through the first month of 2022, it’s a good opportunity for us to take a look... 2022-1-21 01:43:50 | 阅读: 20 | 收藏 | www.thezdi.com zdi pwn2own disclosures cwes

CVE-2021-21661: Exposing Database Info via WordPress SQL Injection In October of this year, we received a report from ngocn... 2022-1-19 02:15:17 | 阅读: 71 | 收藏 | www.thezdi.com wp wordpress php phpthe pagination

Pwn2Own Vancouver Returns for the 15th Anniversary of the Contest Jump to the contest rulesStarting in 2007, Pwn2Own has g... 2022-1-12 21:59:31 | 阅读: 19 | 收藏 | www.thezdi.com pwn2own tesla contest tier microsoft

The January 2022 Security Update Review The first patch Tuesday of the year is here, and with it comes the latest security patches from Adob... 2022-1-12 02:24:14 | 阅读: 60 | 收藏 | www.thezdi.com microsoft windows attacker remote exchange

The Top 5 Bugs Submitted in 2021 As the new year begins, we thought it would be fun to look back at some of the best bugs submitted d... 2022-1-7 01:4:58 | 阅读: 42 | 收藏 | www.thezdi.com exchange microsoft ebpf subregister security