Google Chrome pdfium shading drawing integer overflow lead to RCE, from 360 Vulcan Team: blogs.360.cn/blog/google-ch… zhouat 👍👍

After the ITW VBScriipt 0day CVE-2018-8174 caught by 360 Core Security department was patched, we found "new" (if not a patch bypass) exploitable 0days after analyzing the patch, read the story: blogs.360.cn/blog/from-a-pa…

Microsoft Edge Chakra OP_NewScObjArray Type Confusion Bug & Full Poc Exploit by bo13oy of Qihoo 360 Vulcan Team: translate.google.com/translate?sl=z…

Microsoft Edge Chakra OP_NewScObjArray Type Confusion RCE by bo13oy, with an exploit demo: blogs.360.cn/post/Microsoft…

Virtually Unlimited Memory: Escaping the Chrome Sandbox googleprojectzero.blogspot.com/2019/04/virtua…

Good job! bo13oy of CloverSec Labs lab.seclover.com/oracle-jre-jav… x.com/bo13oy/status/…

Different vulnerabilities in a kernel driver would be treated as one vulnerability. It's the first time I'v heard this statement.

It's an unforgettable experience, thank you guys vangelis. 🤣 x.com/vangelis_at_PO…

Adobe Flash Player SecureSocket Use-After-Free Remote Code Execution Vulnerability died in the womb. It's poc here github.com/bo13oy/flash/t…

POCs for Avast Free Antivirus Software's Kernel Vulnerabilities I found last year, I will share other vendors' soon. github.com/bee13oy/AV_Ker…

More POCs added for project #AV_Kernel_Vulns, the vendors include AVG, Avira, K7 and Check Point. github.com/bee13oy/AV_Ker…

Use-After-Silence: Exploiting UAF in VMware for guest-to-host VM escape. A detailed analysis from AbdulAziz Hariri. bit.ly/2ue3L8E

The slide for my talk at #Zer0Con2017, with the details of how I found vulns in AV Kernel Drivers. github.com/bee13oy/AV_Ker…

A VMWare Guest to Host Escape Exploit I found on the internet (I haven't tested though) github.com/unamer/vmware_…

Technical analysis of the remote code execution vulnerability that we discovered in Chrome and reported to Google ow.ly/rGte30fYCc1