Zero-day and N-day security vulnerability notes, analysis, and proof-of-concepts
HTML C C++ JavaScript Shell
Type Name Latest commit message Commit time
CVE-2009-2629_nginx_http
CVE-2013-0007_MSXML6
CVE-2014-4060_Windows_Media_Player 🌸 Nov 10, 2019
CVE-2014-XXXX_InduSoft_SchneiderElectric 🌸 Nov 10, 2019
CVE-2015-2515_Windows_Shell 🌸 Nov 10, 2019
CVE-2015-XXXX_MSOffice_Word
CVE-2016-0143_win32k 🌸 Nov 10, 2019
CVE-2016-0171_win32k
CVE-2017-XXXX_Jscript9_IE 🌸 Nov 10, 2019
CVE-2017-XXXX_WindowsDefender 🌸 Nov 10, 2019
CVE-2018-0893_MSEdge 🌸 Nov 10, 2019
CVE-2018-16845_nginx_mp4
CVE-2018-5144_Firefox_Thunderbird
CVE-2018-5178_Firefox_Thunderbird 🌸 Nov 10, 2019
CVE-2018-6981_VMWare_ESXi
CVE-2018-FFFF_Chrome
CVE-2018-XXXX_VirtualBox
CVE-2019-0717_Hyper-V
CVE-2019-FFFF_nginx_njs 🌸 Nov 10, 2019
README.md Fix typos Nov 2, 2019

README.md

Disclosures

Zero-day and N-day security vulnerability notes, analysis, and proof-of-concepts

List

CVE-2009-2629: nginx http module Buffer Underflow Remote Code Execution Vulnerability
Patch analysis, testcase, notes

CVE-2013-0007: Microsoft XML Core Services 4-6 Use-after-free Vulnerability
Vulnerability analysis, proof-of-concept exploit
Phrack paper

CVE-2014-4060: Microsoft Windows Media Center CSyncBasePlayer Use-After-Free Remote Code Execution Vulnerability
Analysis, testcase

CVE-2014-XXXX: Schneider Electric InduSoft Web Access Memory Corruption Vulnerability (multiple)
Testcases, analysis
Part of a winning competition entry: Hack the smart city 2014

CVE-2014-XXXX: Microsoft Office Word 2010 Memory Corruption Vulnerability
Testcases, notes

CVE-2015-2515: Windows Shell Use-after-free Remote Code Execution Vulnerability
Testcases

CVE-2016-0143: Microsoft Win32k Elevation of Privilege Vulnerability
Vulnerability root cause analysis

CVE-2016-0171: Microsoft Win32k Elevation of Privilege Vulnerability
Vulnerability root cause analysis

CVE-2017-XXXX: Jscript9 Type Confusion Remote Code Execution Vulnerability
Testcase

CVE-2017-FFFF: Windows Defender Javascript Use-after-free Vulnerability
Testcase

CVE-2018-0893: Microsoft Edge Type Confusion Vulnerability
Testcase, analysis, proof-of-concept exploit

CVE-2018-16845: nginx module mp4 Out Of Bounds Read Information Disclosure Vulnerability
TBD

CVE-2018-5144: Firefox ESR and Thunderbird Integer Overflow Remote Code Execution Vulnerability
Theoretical analysis

CVE-2018-5178: Firefox ESR and Thunderbird Buffer Overflow Remote Code Execution Vulnerability
Theoretical analysis

CVE-2018-6981: VMWare ESXi and Workstation Uninitialized Variable RCE
Patch analysis, testcase

CVE-2018-FFFF: Chromium ANGLE Uninitialized Variable RCE
Theoretical analysis

CVE-2018-XXXX: VirtualBox 3D Virtualization Memory Corruption Elevation of Privilege Vulnerability (multiple)
Analysis

CVE-2019-0717: Hyper-V vmswitch.sys Out of Bounds Read Vulnerability
TBD

CVE-2019-FFFF: nginx module njs Heap Buffer Overflow Vulnerability (multiple)
TBD

Legend

CVE.*XXXX: the CVE was assigned, but I don't know it
CVE.*FFFF: the CVE ID was never assigned

Credits

Alisa Esage, unless stated otherwise
