The April 2025 Security Update Review

April 08, 2025 | Dustin Childs CONTINUE READING

One man's patch is another man's treasure: A tale of a failed HPE patch

Blog post

One man's patch is another man's treasure: A tale of a failed HPE patch

February 06, 2018
HPE, Research, Metasploit

Automating VMware RPC Request Sniffing

Blog post

Automating VMware RPC Request Sniffing

January 19, 2018
VMware, Research

A Matching Pair of Use-After-Free Bugs in Chakra asm.js

Blog post

A Matching Pair of Use-After-Free Bugs in Chakra asm.js

December 22, 2017
JavaScript, Chakra, Research, Top 5

VMware’s Launch escape SYSTEM

Blog post

VMware’s Launch escape SYSTEM

December 21, 2017
VMware, Research, Top 5

Invariantly Exploitable Input: An Apple Safari Bug Worth Revisiting

Blog post

Invariantly Exploitable Input: An Apple Safari Bug Worth Revisiting

December 20, 2017
Apple, Safari, Research, Top 5

Apache Groovy Deserialization: A Cunning Exploit Chain to Bypass a Patch

Blog post

Apache Groovy Deserialization: A Cunning Exploit Chain to Bypass a Patch

December 19, 2017
Apache, Research, Top 5

Reading Backwards – Controlling an Integer Underflow in Adobe Reader

Blog post

Reading Backwards – Controlling an Integer Underflow in Adobe Reader

December 18, 2017
Adobe, Top 5, Research

Exploiting Untrusted Objects through Deserialization: Analyzing 1 of 100+ HPE Bug Submissions

Blog post

Exploiting Untrusted Objects through Deserialization: Analyzing 1 of 100+ HPE Bug Submissions

December 01, 2017
HPE, Research, Exploit

On the Trail to Mobile Pwn2Own

Blog post

On the Trail to Mobile Pwn2Own

October 27, 2017
Pwn2Own, Apple, Research, Exploit

Wrapping the Converter within Foxit Reader

Blog post

Wrapping the Converter within Foxit Reader

October 17, 2017
Foxit, Research, Techniques