The Battle Between White Box and Black Box Bug Hunting in Wireless Routers Last year, we disclosed two authentication bypass vulner... 2021-03-12 02:25:04 | 阅读: 123 | 收藏 | www.thezdi.com zdi firmware netgear

The March 2021 Security Update Review It’s the third second Tuesday of the year, which means we get the latest security updates from Adobe... 2021-03-10 03:31:35 | 阅读: 137 | 收藏 | www.thezdi.com microsoft windows cves attacker exchange

ZDI-21-171: Getting Information Disclosure in Adobe Reader Through the ID Tag Sometimes the only thing between you and a successful ex... 2021-02-19 02:25:53 | 阅读: 150 | 收藏 | www.thezdi.com trailer annots debugger pseudocode

Three More Bugs in Orion’s Belt In a recent blog post, we showed how certain endpoints i... 2021-02-12 02:24:21 | 阅读: 140 | 收藏 | www.thezdi.com orion exploited privileges network issuing

The February 2021 Security Update Review 2021-02-10 03:26:45 | 阅读: 119 | 收藏 | www.thezdi.com

ZDI-CAN-12671: Windows Kernel DoS/Privilege Escalation via a NULL Pointer Deref This blog details a NULL pointer dereference in the Windows win32kfull.sys kernel-mode graphics modu... 2021-01-29 01:16:41 | 阅读: 171 | 收藏 | www.thezdi.com win32kfull smep ntvdm drawing windows

Announcing Pwn2Own Vancouver 2021 2021-01-27 00:59:18 | 阅读: 101 | 收藏 | www.thezdi.com

Three Bugs in Orion’s Belt: Chaining Multiple bugs for Unauthenticated RCE in the SolarWinds Orion Platform This blog post details a few recently patched vulnerabil... 2021-01-22 01:37:26 | 阅读: 163 | 收藏 | www.thezdi.com orion injection bypass

ZDI-20-1440: An Incorrect Calculation Bug in the Linux Kernel eBPF Verifier In April 2020, the ZDI received a Linux kernel submissio... 2021-01-20 02:13:48 | 阅读: 105 | 收藏 | www.thezdi.com verifier ebpf memory rsh zdi

Looking Back at the Zero Day Initiative in 2020 2021-01-14 23:00:15 | 阅读: 94 | 收藏 | www.thezdi.com

The January 2021 Security Update Review Welcome to the new year, and welcome to the first Patch Tuesday of 2021. Take a break from your regu... 2021-01-13 03:27:17 | 阅读: 150 | 收藏 | www.thezdi.com microsoft windows security remote attacker

MindShaRE: Analysis of VMware Workstation and ESXi Using Debug Symbols from Flings The availability of debug symbols greatly assists a rese... 2021-01-08 02:27:00 | 阅读: 128 | 收藏 | www.thezdi.com vmx vmm fling analysis vnc

The Top 5 Bug Submissions of 2020 2020-12-17 01:23:00 | 阅读: 104 | 收藏 | www.thezdi.com

The December 2020 Security Update Review 2020-12-09 03:24:08 | 阅读: 81 | 收藏 | www.thezdi.com

Zero Day Initiative — CVE-2019-7839: ColdFusion Code Execution Through JNBridge In this excerpt of a Trend Micro Vulnerability Research... 2019-07-29 17:23:21 | 阅读: 118 | 收藏 | www.thezdi.com jnbridge coldfusion remote 6093 6095

Zero Day Initiative — CVE-2019-0604: Details of a Microsoft SharePoint RCE Vulnerability Last month, Microsoft released patches to address two re... 2019-05-14 00:19:53 | 阅读: 129 | 收藏 | www.thezdi.com microsoft itempicker