Contributions
My various public contributions to the security community.
Vulnerabilities
- CVE-2024-35467 - Asus RT-AC87U WPS Denial of Service
- CVE-2024-39149 - NETGEAR R8000 Remote OS Command Injection
- CVE-2024-25464 - Asus Download Master Remote OS Command Injection
- CVE-2023-5372 - Zyxel NAS Remote Python Code Execution
- CVE-2023-4474 - Zyxel NAS Remote OS Command Injection
- CVE-2023-4473 - Zyxel NAS Authentication Bypass
- CVE-2023-37928 - Zyxel NAS Remote Python Code Execution
- CVE-2023-37927 - Zyxel NAS Remote OS Command Injection
- CVE-2022-38006 - Microsoft Windows GDI+ Information Disclosure
- CVE-2022-35837 - Microsoft Windows GDI+ Information Disclosure
- CVE-2022-34728 - Microsoft Windows GDI+ Information Disclosure
- CVE-2022-29112 - Microsoft Windows GDI+ Information Disclosure
- CVE-2022-26934 - Microsoft Windows GDI+ Information Disclosure
- CVE-2022-21915 - Microsoft Windows GDI+ Information Disclosure
- CVE-2022-21904 - Microsoft Windows GDI+ Information Disclosure
- CVE-2022-21903 - Microsoft Windows GDI Elevation of Privilege
- CVE-2020-13657 - Avast Free Antivirus Elevation of Privilege
- CVE-2020-1283 - Microsoft Windows AppInfo Denial of Service
- CVE-2020-1123 - Microsoft Windows DiagTrack Denial of Service
- CVE-2020-1076 - Microsoft Windows VaultSvc Denial of Service
- CVE-2020-12463 - Avira Software Updater Elevation of Privilege
- CVE-2020-0899 - Microsoft Visual Studio Elevation of Privilege
- CVE-2020-0858 - Microsoft Windows “Account Pictures” Elevation of Privilege
- CVE-2020-8094 - Bitdefender Antivirus Free 2020 Elevation of Privilege
- CVE-2019-1476 - Microsoft Windows AppXSvc Elevation of Privilege
- CVE-2019-1253 - Microsoft Windows AppXSvc Elevation of Privilege
- CVE-2014-4643 - Core FTP LE Remote Code Execution
- CVE-2013-7260 - RealPlayer Remote Code Execution
Exploits
- AppXSvc 17763 - Arbitrary File Overwrite (DoS)
- AppXSvc - Privilege Escalation
- BulletProof FTP Client 2010 - Local Buffer Overflow (DEP Bypass)
- BulletProof FTP Client 2010 - Buffer Overflow (SEH) (PoC)
- Core FTP LE 2.2 - Heap Overflow (PoC)
- Haihaisoft Universal Player 1.5.8 - ‘.m3u’ / ‘.pls ‘/ ‘.asx’ Buffer Overflow (SEH)
- Haihaisoft HUPlayer 1.0.4.8 - ‘.m3u’ / ‘.pls’ / ‘.asx’ Buffer Overflow (SEH)
- ALLPlayer 5.8.1 - ‘.m3u’ Local Buffer Overflow (SEH)
- Gold MP4 Player 3.3 - Buffer Overflow (PoC) (SEH)
- Music AlarmClock 2.1.0 - ‘.m3u’ Crash (PoC)
- RealPlayer 16.0.3.51/16.0.2.32 - ‘.rmp’ Version Attribute Buffer Overflow
Metasploit modules
- Malwarebytes Anti-Malware and Anti-Exploit Update Remote Code Execution
- DiskBoss Enterprise GET Buffer Overflow
- DiskSavvy Enterprise GET Buffer Overflow
- i-FTP Schedule Buffer Overflow
- GetGo Download Manager HTTP Response Buffer Overflow
- MPlayer Lite M3U Buffer Overflow
- BulletProof FTP Client BPS Buffer Overflow
- ALLPlayer M3U Buffer Overflow
- Easy CD-DA Recorder PLS Buffer Overflow
- RealNetworks RealPlayer Version Attribute Buffer Overflow