ZDI-21-502: An Information Disclosure Bug in ISC BIND server 2021-06-17 00:27:53 | 阅读: 159 | 收藏 | www.thezdi.com

The June 2021 Security Update Review It’s the second Tuesday of the month, which means the latest security updates from Adobe and Microso... 2021-06-09 02:31:46 | 阅读: 201 | 收藏 | www.thezdi.com microsoft windows attacker security defender

CVE-2021-22909- Digging into a Ubiquiti Firmware Update bug 2021-05-26 01:12:58 | 阅读: 142 | 收藏 | www.thezdi.com

The May 2021 Security Update Review It’s the second Tuesday of the month, which means the latest security updates from Adobe and Microso... 2021-05-12 02:26:35 | 阅读: 229 | 收藏 | www.thezdi.com microsoft attacker windows remote cves

CVE-2021-26900: Privilege Escalation Via a Use After Free Vulnerability In win32k In March 2021, Microsoft released a patch to correct a v... 2021-05-05 02:02:18 | 阅读: 180 | 收藏 | www.thezdi.com 1381 tracker1

Parallels Desktop RDPMC Hypercall Interface and Vulnerabilities Parallels Desktop implements a hypercall interface using... 2021-04-30 01:02:22 | 阅读: 265 | 收藏 | www.thezdi.com vmm hypercall firmware hypervisor rdpmc

CVE-2021-20226: A Reference-Counting Bug in the Linux Kernel io_uring Subsystem 2021-04-23 01:27:23 | 阅读: 162 | 收藏 | www.thezdi.com

The April 2021 Security Update Review It’s the second Tuesday of the month, which means the latest security updates from Adobe and Microso... 2021-04-14 02:29:51 | 阅读: 259 | 收藏 | www.thezdi.com microsoft windows attacker security cves

Pwn2Own 2021 - Schedule and Live Results 2021-04-06 22:47:50 | 阅读: 172 | 收藏 | www.thezdi.com

CVE-2021-27076: A Replay-Style Deserialization Attack Against SharePoint An attacker is frequently in the position of having to find a technique to evade some data integrity... 2021-03-18 00:14:02 | 阅读: 123 | 收藏 | www.thezdi.com attacker alice attachment

The Battle Between White Box and Black Box Bug Hunting in Wireless Routers Last year, we disclosed two authentication bypass vulner... 2021-03-12 02:25:04 | 阅读: 119 | 收藏 | www.thezdi.com zdi firmware netgear

The March 2021 Security Update Review It’s the third second Tuesday of the year, which means we get the latest security updates from Adobe... 2021-03-10 03:31:35 | 阅读: 132 | 收藏 | www.thezdi.com microsoft windows cves attacker exchange

ZDI-21-171: Getting Information Disclosure in Adobe Reader Through the ID Tag Sometimes the only thing between you and a successful ex... 2021-02-19 02:25:53 | 阅读: 147 | 收藏 | www.thezdi.com trailer annots debugger pseudocode

Three More Bugs in Orion’s Belt In a recent blog post, we showed how certain endpoints i... 2021-02-12 02:24:21 | 阅读: 136 | 收藏 | www.thezdi.com orion exploited privileges network issuing

The February 2021 Security Update Review 2021-02-10 03:26:45 | 阅读: 118 | 收藏 | www.thezdi.com

ZDI-CAN-12671: Windows Kernel DoS/Privilege Escalation via a NULL Pointer Deref This blog details a NULL pointer dereference in the Windows win32kfull.sys kernel-mode graphics modu... 2021-01-29 01:16:41 | 阅读: 167 | 收藏 | www.thezdi.com win32kfull smep ntvdm drawing windows

Announcing Pwn2Own Vancouver 2021 2021-01-27 00:59:18 | 阅读: 100 | 收藏 | www.thezdi.com

Three Bugs in Orion’s Belt: Chaining Multiple bugs for Unauthenticated RCE in the SolarWinds Orion Platform This blog post details a few recently patched vulnerabil... 2021-01-22 01:37:26 | 阅读: 159 | 收藏 | www.thezdi.com orion injection bypass

ZDI-20-1440: An Incorrect Calculation Bug in the Linux Kernel eBPF Verifier In April 2020, the ZDI received a Linux kernel submissio... 2021-01-20 02:13:48 | 阅读: 100 | 收藏 | www.thezdi.com verifier ebpf memory rsh zdi

Looking Back at the Zero Day Initiative in 2020 2021-01-14 23:00:15 | 阅读: 93 | 收藏 | www.thezdi.com