Exploit Development

"Initials" by "Florian Körner", licensed under "CC0 1.0". / Remix of the original. - Created with dicebear.comInitialsFlorian Körnerhttps://github.com/dicebear/dicebearEX
Pixel GPU Exploit: A kernel exploit for Pixel7/8 Pro with Android 14
github.com
Analysis of VirtualBox CVE-2023-21987 and CVE-2023-21991
https://qriousec.github.io/post/vbox-pwn2own-2023/
From Terminal Output to Arbitrary Remote Code Execution
https://blog.solidsnail.com/posts/2023-08-28-iterm2-rce

cross-posted from: https://infosec.pub/post/2466014
> This is my first write-up, on a vulnerability I discovered in iTerm2 (RCE). Would love to hear opinions on this. I tried to make the writing engaging.

No More Speculation: Exploiting CPU Side-Channels for Real
bughunters.google.com
Diving into Windows Remote Access Service for Pre-Auth Bugs
www.blackhat.com
iOS 17: New Version, New Acronyms
www.df-f.com
You have become the very thing you swore to destroy: Remotely exploiting an Antivirus engine
https://cfp.recon.cx/2023/talk/KTMT73/
Use Native Pointer of Function to Bypass The Latest Chrome v8 Sandbox
https://medium.com/@numencyberlabs/use-native-pointer-of-function-to-bypass-the-latest-chrome-v8-sandbox-exp-of-issue1378239-251d9c5b0d14
In-depth Analysis of the CVE-2023-29300 Adobe ColdFusion Serialization Vulnerability
github.com
[Chrome] CVE-2023-2033
github.com
Exploiting a Flaw in Bitmap Handling in Windows User-Mode Printer Drivers
www.zerodayinitiative.com
An Introduction to Exploit Reliability
blog.isosceles.com
MSMQ QueueJumper (RCE Vulnerability): An In-Depth Technical Analysis
securityintelligence.com
Summary: MTE As Implemented
https://googleprojectzero.blogspot.com/2023/08/summary-mte-as-implemented.html
All known API based kernel address leaks on Windows no longer work
https://twitter.com/yarden_shafir/status/1685740223181832193
CVE-2023-3389 - Exploiting a vulnerability in the io_uring subsystem of the Linux kernel
https://qyn.app/posts/CVE-2023-3389/
Escaping the Google kCTF Container with a Data-Only Exploit
h0mbre.github.io
The Legacy of Stagefright
blog.isosceles.com
prctl anon_vma_name: An Amusing Linux Kernel Heap Spray
starlabs.sg
CVE-2023-35086 POC - ASUS routers format string vulnerability [DOS]
github.com
A new method for container escape using file-based DirtyCred
starlabs.sg
[Chrome] UAF in MLGraphXnnpack::BuildOnBackgroundThread (reward: $11000)
https://crbug.com/1425370
Zenbleed
https://lock.cmpxchg8b.com/zenbleed.html
[Chrome ITW sandbox escape] Integer overflow in SkSLVMCodeGenerator (skia)
https://bugs.chromium.org/p/chromium/issues/detail?id=1432603
Exploiting MikroTik RouterOS Hardware with CVE-2023-30799 - Blog - VulnCheck
vulncheck.com
[Linux kernel eBPF] CVE-2023-2163 PoC
github.com
Shifting boundaries: Exploiting an Integer Overflow in Apple Safari - Exodus Intelligence
blog.exodusintel.com
Zero Day Initiative — CVE-2023-36934: Progress Software MOVEit Transfer SQL Injection Remote Code Execution Vulnerability
www.zerodayinitiative.com
TheHole New World - how a small leak will sink a great browser (CVE-2021-38003)
starlabs.sg
[Chrome] Heap-use-after-free in ExclusiveAccessBubbleViews::UpdateBounds (reward: $10000)
https://crbug.com/1426521
V8 Sandbox - Code Pointer Sandboxing
docs.google.com
TALOS-2023-1757 Foxit Reader Field OnBlur event use-after-free vulnerability
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1757
CVE-2023-28754 Apache ShardingSphere RCE (SnakeYAML Deserialization)
https://www.openwall.com/lists/oss-security/2023/07/19/3
[Chrome] oob write in vrend_renderer_transfer_write_iov (reward: $15000)
https://bugs.chromium.org/p/chromium/issues/detail?id=1427332
[Chrome] Race Condition UAF in amdtee_open_session (reward: $10000)
https://bugs.chromium.org/p/chromium/issues/detail?id=1407048
Anatomy of Lockdown Mode
https://blacktop.github.io/presentations/0x41con_2023/HTML/index.html
CVE-2023-2033: Chrome [0-day] JIT optimisation issue
https://bugs.chromium.org/p/chromium/issues/detail?id=1432210
CVE-2023-38408: Remote Code Execution in OpenSSH's forwarded ssh-agent
blog.qualys.com
CVE-2023-2008 - Analyzing and exploiting a bug in the udmabuf driver | Bluefrostsecurity
https://labs.bluefrostsecurity.de/blog/cve-2023-2008.html
Microsoft Edge MSDCPDF Javascript addIcon type confusion vulnerability
https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1747