Zero Day Initiative — Blog

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

ZDI-21-502: An Information Disclosure Bug in ISC BIND server

June 16, 2021
ISC BIND, Research

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

CVE-2021-31181: Microsoft SharePoint WebPart Interpretation Conflict Remote Code Execution Vulnerability

June 02, 2021
Microsoft, SharePoint, Research

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

CVE-2021-22909- Digging into a Ubiquiti Firmware Update bug

May 25, 2021
Ubiquiti, Wireless, Research

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

CVE-2021-31166: A Wormable Code Execution Bug in HTTP.sys

May 18, 2021
Microsoft, IIS, Research

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

CVE-2021-26900: Privilege Escalation Via a Use After Free Vulnerability In win32k

May 04, 2021
Windows, Research

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

Parallels Desktop RDPMC Hypercall Interface and Vulnerabilities

April 29, 2021
Parallels, Research

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

CVE-2021-20226: A Reference-Counting Bug in the Linux Kernel io_uring Subsystem

April 22, 2021
Linux, Research

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

CVE-2021-25646: Getting Code Execution on Apache Druid

March 29, 2021
Apache, Druid, Research

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

CVE-2021-27076: A Replay-Style Deserialization Attack Against SharePoint

March 17, 2021
SharePoint, Microsoft, Research

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

The Battle Between White Box and Black Box Bug Hunting in Wireless Routers

March 11, 2021
NETGEAR, Reverse Engineering, Research