Research — Zero Day Initiative — Blog

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

CVE-2024-37079: VMware vCenter Server Integer Underflow Code Execution Vulnerability

August 28, 2024
VMware, vCenter, Research

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

CVE-2024-20697: Windows Libarchive Remote Code Execution Vulnerability

April 17, 2024
Windows, RAR, Research

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

CVE-2023-36049: Microsoft .NET CRLF Injection Arbitrary File Write/Deletion Vulnerability

March 06, 2024
Microsoft, .NET Framework, Research

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

CVE-2023-46263: Ivanti Avalanche Arbitrary File Upload Vulnerability

February 06, 2024
Ivanti, Research

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

CVE-2023-35150: Arbitrary Code Injection in XWiki.org XWiki

August 23, 2023
XWiki, Research, Exploit

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

CVE-2023-36934: Progress Software MOVEit Transfer SQL Injection Remote Code Execution Vulnerability

July 20, 2023
Progress, MOVEit, Research

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

CVE-2023-20864: Remote Code Execution in VMware Aria Operations for Logs

June 29, 2023
VMware, Aria, Research

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

CVE-2023-24941: Microsoft Network File System Remote Code Execution

June 01, 2023
Microsoft, NFS, Research

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

CVE-2023-28231: RCE in the Microsoft Windows DHCPv6 Service

May 02, 2023
Microsoft, DHCP, Research

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

CVE-2022-38108: RCE in SolarWinds Network Performance Monitor

February 28, 2023
SolarWinds, Research, Detection Guidance