Zero Day Initiative — Blog

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

CVE-2019-0230: Apache Struts OGNL Remote Code Execution

October 07, 2020
Apache, Research, Struts

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

CVE-2020-9496: RCE in Apache OFBiz XMLRPC via Deserialization of Untrusted Data

September 16, 2020
Apache, Research

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

CVE-2020-1300: Remote Code Execution Through Microsoft Windows CAB Files

July 09, 2020
Microsoft, Windows, Research

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

CVE-2020-0729: Remote Code Execution Through .LNK Files

March 26, 2020
Microsoft, Research, Security Patch

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

CVE-2019-9512 – A Microsoft Windows HTTP/2 Ping Flood Denial of Service

December 05, 2019
Research, HTTP, DoS

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

CVE-2019-12643: Cisco IOS XE Authentication Bypass Vulnerability

October 18, 2019
Cisco, Research

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

CVE-2019-12527: Code Execution on Squid Proxy Through a Buffer Overflow

August 22, 2019
Squid, Research

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

CVE-2019-7839: ColdFusion Code Execution Through JNBridge

July 25, 2019
Adobe, Research, ColdFusion

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

Remote Code Execution via Ruby on Rails Active Storage Insecure Deserialization

June 20, 2019
Ruby on Rails, Research, Exploit