Welcome!

Introduction This page posts analysis reports on Exploited N-Day vulnerabilities and articles on cyber threats. This project involves discovering a new, previously unknown 0-Day. Contact We are gathering a wealth of information on cyber threats. If you have any information to share, please check the email below! And if you’d like to join this effort, feel free to contact me! e-mail : pwnable@korea.ac.kr We are...

[In-The-Wild] CVE-2024-44308 : Apple Safari JavaScriptCore Remote Code Execution Vulnerability

Summary: CVE ID : CVE-2024-44308 Target Software : Apple Safari (iOS, visionOS, macOS) Affected Version : iOS 17.7.1, 18.1, visionOS 2.1, macOS Sequoia 15.1 Patched Version : iOS 17.7.2, 18.1.1, visionOS 2.1.1, macOS Sequoia 15.1.1 Impact : Remote Code Execution Reporter(s) : Clément Lecigne and Benoît Sevens of Google’s Threat Analysis Group Analyzer(s) : Dohyun Lee (@l33d0hyun) of USELab, Korea University Technical Details: Overview: This...

[In-The-Wild] CVE-2024-43047 : Qualcomm DSP Service Use-After-Free lead to Elevation of Privilege Vulnerability

Summary: CVE ID : CVE-2024-43047 Target Software : Qualcomm DSP Service Affected Version : FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, QAM8295P, QCA6174A, QCA6391, QCA6426, QCA6436, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6688AQ, QCA6696, QCA6698AQ, QCS410, QCS610, QCS6490, Qualcomm® Video Collaboration VC1 Platform, Qualcomm® Video Collaboration VC3 Platform, SA4150P, SA4155P, SA6145P, SA6150P, SA6155P, SA8145P, SA8150P, SA8155P, SA8195P, SA8295P, SD660, SD865 5G, SG4150P, Snapdragon 660 Mobile Platform,...

Vulnerabilities discovered by LLM Project

Introduction: In this advisory, we have listed vulnerabilities discovered using our LLM-powered 0-Day vulnerability analysis tool under development. We strive to leverage the power of LLM to protect against emerging threats. It is not yet perfect, but we are continuously improving it. Reported Apple . Out-Of-Bounds ACCESS . 2024-12-11 Apple . Out-Of-Bounds ACCESS . 2024-12-11 Linux -> ZDI . Out-Of-Bounds READ . 2024-12-13 Linux ->...