Sign in Create account

#vulndev — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #vulndev, aggregated by home.social.

Joxean Koret (@matalaz) @[email protected] · 2023-09-30 · 08:34 UTC

Did you know that #Diaphora detects patch diffing sessions and tries to help finding where vulnerabilities were fixed? Here are some examples for CVE-2020-1350 and CVE-2023-28231.
#patchdiffing #binarydiffing #bindiffing #vulnerabilityresearch #vulndev

#diaphora #patchdiffing #binarydiffing #bindiffing #vulnerabilityresearch #vulndev
Joxean Koret (@matalaz) @[email protected] · 2023-07-12 · 00:18 UTC

I know nobody gives a fuck, but this is my next research topic for this year: Finding #bugs & #vulnerabilities by #diffing binaries against sources. It sounds much harder than it actually is.
#ProgramDiffing #VulnDev #VulnResearch #VulnerabilityDevelopment #VulnerabilityResearch #ReverseEngineering
#Compilers #CompilerOptimizations #CompilersBugs #Miscompilations

#bugs #vulnerabilities #diffing #programdiffing #vulndev #vulnresearch
hexnomad @[email protected] · 2023-02-14 · 18:18 UTC

A privilege elevation bug I reported to #msrc just got fixed: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21688
Will give a few more details once people have enough time to patch, but it allows LPE from any process. #cve202321688 #patchtuesday #vulndev

#msrc #cve202321688 #patchtuesday #vulndev