Welcome!
Introduction This page posts analysis reports on Exploited N-Day vulnerabilities and articles on cyber threats. Contact We are gathering a wealth of information on cyber threats. If you have any information to share, please check the email below! And if you’d like to join this effort, feel free to contact me! e-mail : pwnable@korea.ac.kr We are looking for it! Someone experienced in N-Day vulnerability analysis...
[In-The-Wild] CVE-2024-44308 : Apple Safari JavaScriptCore Remote Code Execution Vulnerability
Summary: CVE ID : CVE-2024-44308 Target Software : Apple Safari (iOS, visionOS, macOS) Affected Version : iOS 17.7.1, 18.1, visionOS 2.1, macOS Sequoia 15.1 Patched Version : iOS 17.7.2, 18.1.1, visionOS 2.1.1, macOS Sequoia 15.1.1 Impact : Remote Code Execution Reporter(s) : Clément Lecigne and Benoît Sevens of Google’s Threat Analysis Group Analyzer(s) : Dohyun Lee (@l33d0hyun) of USELab, Korea University Technical Details: Overview: This...
[In-The-Wild] CVE-2024-43047 : Qualcomm DSP Service Use-After-Free lead to Elevation of Privilege Vulnerability
Summary: CVE ID : CVE-2024-43047 Target Software : Qualcomm DSP Service Affected Version : FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, QAM8295P, QCA6174A, QCA6391, QCA6426, QCA6436, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6688AQ, QCA6696, QCA6698AQ, QCS410, QCS610, QCS6490, Qualcomm® Video Collaboration VC1 Platform, Qualcomm® Video Collaboration VC3 Platform, SA4150P, SA4155P, SA6145P, SA6150P, SA6155P, SA8145P, SA8150P, SA8155P, SA8195P, SA8295P, SD660, SD865 5G, SG4150P, Snapdragon 660 Mobile Platform,...