ADVISORIES

Our team is always looking for interesting bugs during our day to day operations. We plan on updating this page with any advisories we responsibly disclosed as a result of this research. From time to time we will post an accompanying blog post that demonstrates how to develop a proof of concept exploit for a discovered vulnerability.

IAVA 2015-A-0127

AHLTA Client Remote Stack Buffer Overflow

IAVA 2015-A-0127

IAVA Notice
Exploit

CVE-2015-2898

MEDCIN Engine Stack-Based Buffer Overflow

CVE-2015-2898

Advisory
US-CERT

CVE-2015-2899

MEDCIN Engine Heap-Based Buffer Overflow

CVE-2015-2899

Advisory
US-CERT

CVE-2015-2900

MEDCIN Engine Out-of-Bounds Memory Write

CVE-2015-2900

Advisory
US-CERT

CVE-2015-2901

MEDCIN Engine Data Section Buffer Overflow

CVE-2015-2901

Advisory
US-CERT

CVE-2015-6006

MEDCIN Engine Numeric Truncation Error to Buffer Overflow

CVE-2015-6006

Advisory
US-CERT

CVE-2015-7244

MobaXTerm 8.2 Unauthenticated X11 Tampering

CVE-2015-7244

Advisory
US-CERT

CVE-2015-8268

Idera Uptime Infrastructure Monitor 7.6 Debian Agent File Inclusion

CVE-2015-8268

USCERT

CVE-2015-8277

Flexera Flexnet Publisher 11.13.1.0 Stack-Based Buffer Overflow

CVE-2015-8277

Advisory
US-CERT

CVE-2016-2345

Solarwinds Dameware Mini Remote Control Stack Buffer Overflow

CVE-2016-2345

Advisory
US-CERT

CVE-2016-3962

Meinberg NTP Time Server Remote Buffer Overflow

CVE-2016-3962

Advisory
ICS-Cert

CVE-2016-3988

Meinberg NTP Time Server Remote Buffer Overflow

CVE-2016-3988

Advisory
ICS-Cert

CVE-2016-3989

Meinberg NTP Time Server Improper Access Controls

CVE-2016-3989

Advisory
ICS-Cert

CVE-2016-3147

Landesk Management Suite Collector Service Stack Buffer Overflow

CVE-2016-3147

Advisory
NIST

CVE-2017-18044

Commvault Remote Command Injection Vulnerability

CVE-2017-18044

Advisory
NIST

CVE-2018-6546

Plays.tv (Raptr) Remote Binary Execution

CVE-2018-6546

Advisory
NIST

CVE-2018-6547

Plays.tv (Raptr) Remote Arbitrary File Write

CVE-2018-6547

Advisory
NIST

CVE-2018-16156

Fujitsu PaperStream IP (TWAIN) 1.42 DLL Hijack Privilege Escalation

CVE-2018-16156

Advisory
NIST

CVE-2018-20053

Cerner Connectivity Engine 4 Remote Command Injection Vulnerability

CVE-2018-20053

Advisory
NIST

CVE-2018-20735

BMC Patrol Agent Privilege Escalation Vulnerability

CVE-2018-20735

Advisory
NIST

CVE-2019-8352

BMC PATROL Agent Static Encryption Key For User Credentials

CVE-2019-8352

Advisory
NIST

CVE-2019-4279

IBM WebSphere Application Server ND Remote Code Execution

CVE-2019-4279

Advisory
NIST

CVE-2019-1077

Microsoft Visual Studio Elevation of Privilege Vulnerability

CVE-2019-1077

Advisory
NIST

CVE-2019-1267

Microsoft Compatibility Appraiser Elevation of Privilege Vulnerability

CVE-2019-1267

Advisory
NIST

CVE-2019-1317

Microsoft Windows Update Orchestrator Elevation of Privilege

CVE-2019-1317

Advisory
NIST