NEWS > Research Blog

nginx DNS Resolver Off-by-One Heap Write Vulnerability
An off-by-one error in ngx_resolver_copy() while processing DNS responses allows a network attacker to write a dot character ('.', 0x2E) out of bounds in a heap allocated buffer.
...
QR Code reconstruction
Reconstructing a QR Code from partially censored images.
...
Advisory X41-2021-001: Multiple Vulnerabilities in YARA
Luis Merino of X41 discovered multiple vulnerabilities in YARA
...
Microsoft Exchange Remote Code Execution - CVE-2020-16875
The patch for CVE-2020-16875 in Microsoft Exchange can bypassed to gain remote code execution again.
...
Pro-bono Pentests for COVID-19-related Apps & Software
COVID-19 pro-bono program finished
...
Background Image