Ending @defcon this year with @CVEnew dropping three more CVEs I discovered:
CVE-2023-40294- https://t.co/HcyY9klhQw
CVE-2023-40295- https://t.co/JDeTe4xLou
CVE-2023-40296- https://t.co/SkYfYRbEw6
If you are at @NatlCyberSummit next month, come by and say hi!
I've completed my Zero-Day research sprint for March 2024 and discovered four more critical zero-day vulnerabilities: CVE-2024-27540, CVE-2024-27541, CVE-2024-27542, and CVE-2024-27543. In this article I thoroughly explore fuzzing projects with AFL++
https://t.co/H2fWiBHEvA
๐ Diving deep into fuzz testing with #AFLplusplus ๐, and the results are in! I found multiple unique vulnerabilities in LCI - a lambda calculus interpreter. The full write up with associated CVEs can be viewed here:
https://t.co/H2fWiBHEvA
#Fuzzing#Cybersecurity#BugHunting
Stay safe and stay secure! Here are two more CVEs I discovered recently published by @MITREcorp
Liblisp Out of Bounds Read (CVE-2023-48025)
Liblisp Use-after-free (CVE-2023-48024)
Another CVE I discovered was released by @MITREcorp@CVEnew . This one is a double free in the xHTTP server library:
https://t.co/aAVU0dEUBs
#CVE_2023_38434
Looks like this is a 12 CVE month for @Halcy0nic research. Thanks to @CVEnew and all of the development teams for the quick patches and amazing response time.
A few more zero days I discovered have been assigned CVEs. You can find more info on MITREโs official website ๐ค๐พ
https://t.co/Ld9vmhaupq
https://t.co/qNqMH3x4pC
https://t.co/Tcn28oSPOw
CVE-2022-34913 ** DISPUTED ** md2roff 1.7 has a stack-based buffer overflow via a Markdown file containing a large number of consecutive characters to be processed. NOTE: the vendor's position is that the product is not intended for untrusted input. https://t.co/JtsTl2fUQZ
1997: Nmap was first released as a simple port scanner via an article in issue 51 of Phrack magazine which included the source code.
That's right - 23 years of Nmap.
https://t.co/uYyc2OQ1r6
The #HalcyonicQuarantineCTF is officially a go next Thursday (04/02) from 6-9 PST. During our solidarity I am hosting a free online capture the flag event. Should be fun! You can get all the details here:
https://t.co/glh8n7sQFx