Day[0]

281 Episodes

1. [bounty] XSS for NFTs, a VMWare Workspace ONE UEM SSRF, and GitLab CI Container Escape

   Published: 5/3/2022
2. [binary] Getting into Vulnerability Research and a FUSE use-after-free

   Published: 4/28/2022
3. [bounty] A Struts RCE, Broken Java ECDSA (Psychic Signatures) and a Bad Log4Shell Fix

   Published: 4/26/2022
4. [binary] Another iOS Bug and Edge Chakra Exploitation

   Published: 4/21/2022
5. [bounty] Taking Over an Internal AWS Service and an Interesting XSS Vector

   Published: 4/19/2022
6. [binary] A subtle iOS parsing bug and a PHP use-after-free

   Published: 4/14/2022
7. [bounty] A Double-Edged SSRF, Pritunl VPN LPE, and a NodeBB Vuln

   Published: 4/12/2022
8. [binary] FORCEDENTRY Sandbox Escape and NetFilter Bugs

   Published: 4/7/2022
9. [bounty] Spring4Shell, PEAR Bugs, and GitLab Hardcoded Passwords

   Published: 4/5/2022
10. [binary] Pwning WD NAS, NetGear Routers, and Overflowing Kernel Pages

    Published: 3/31/2022
11. [bounty] GitLab Arbitrary File Read and Bypassing PHP's filter_var

    Published: 3/29/2022
12. [binary] Chrome Heap OOB Access and TLStorm

    Published: 3/24/2022
13. [bounty] DOMPDF XSS to RCE, Chrome Leaking Envrionment Vars, and cr8escape

    Published: 3/22/2022
14. [binary] A Windows UAF, Branch Prediction Bugs, and an io_uring Exploit

    Published: 3/17/2022
15. [bounty] Pascom RCE, AutoWarp, and a GKE Container Escape

    Published: 3/15/2022
16. [binary] Dirty Pipe and Analyzing Memory Tagging

    Published: 3/10/2022
17. [bounty] Facebook Exploits, pfSense RCE, and MySQLjs SQLi

    Published: 3/8/2022
18. [binary] ImageGear JPEG Vulns, NetFilter, and a LibCurl Memory Disclosure

    Published: 3/3/2022
19. [bounty] DynamicWeb RCE, VMWare Bugs, and Exploiting GitHub Actions

    Published: 3/1/2022
20. [binary] Zynq-7000 Secure Boot Bypass and Compiler-Created Bugs

    Published: 2/24/2022