FuzzAgent: Multi-Agent System for Evolutionary Library Fuzzing
Library fuzzing is essential for hardening the software supply chain, but adopting it at scale remains expensive. Practitioners still spend substantial effort on environment setup, struggle to generate harnesses that respect intricate API constraints, and lack reliable means to tell genuine libra...
Hunting CUDA Bugs at Scale with cuFuzz
GPUs play an increasingly important role in modern software. However, the heterogeneous host-device execution model and expanding software stacks make GPU programs prone to memory-safety and concurrency bugs that evade static analysis. While fuzz-testing, combined with dynamic error checking tool...
Automatic, Expressive, and Scalable Fuzzing with Stitching
Fuzzing is a powerful technique for finding bugs in software libraries, but scaling it remains difficult. Automated harness generation commits to fixed API sequences at synthesis time, limiting the behaviors each harness can test. Approaches that instead explore new sequences dynamically lack the...
SimFuzz: Similarity-Guided Block-Level Mutation for RISC-V Processor Fuzzing
The Instruction Set Architecture (ISA) defines processor operations and serves as the interface between hardware and software. As an open ISA, RISC-V lowers the barriers to processor design and encourages widespread adoption, but also exposes processors to security risks such as functional bugs...
EUVD-2022-52845
Malicious code in bioql PyPI...
IDOL: Improved Different Optimization Levels Testing for Solidity Compilers
As blockchain technology continues to evolve and mature, smart contracts have become a key driving force behind the digitization and automation of transactions. Smart contracts greatly simplify and refine the traditional business transaction processes, and thus have had a profound impact on vario...
ELFuzz: Efficient Input Generation Via LLM-Driven Synthesis over Fuzzer Space
Generation-based fuzzing produces appropriate testing cases according to specifications of input grammars and semantic constraints to test systems and software. However, these specifications require significant manual efforts to construct. This paper proposes a new approach, ELFuzz Evolution...
The Windows Registry Adventure #1: Introduction and research results
Posted by Mateusz Jurczyk, Google Project Zero In the 20-month period between May 2022 and December 2023, I thoroughly audited the Windows Registry in search of local privilege escalation bugs. It all started unexpectedly: I was in the process of developing a coverage-based Windows kernel fuzzer...
PHPJabbers Car Park Booking System 3.0 Missing Rate Limiting
Exploit Title: PHPJabbers Car Park Booking System v3.0 - Missing Rate Limiting Date: 19/12/2023 Exploit Author: BugsBD Limited Discovered by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/car-park-booking/sectionDemo Version: v3.0 Tested on:...
Exploit for Race Condition in Qualcomm Apq8053_Firmware
Fork: My adaptation for the SM-F926U from the original exploit...
Intel Let Google Cloud Hack Its New Secure Chips and Found 10 Bugs
To protect its Confidential Computing cloud infrastructure and gain critical insights, Google leans on its relationships with chipmakers...
RUSTSEC-2021-0093 Data race in crossbeam-deque
In the affected version of this crate, the result of the race condition is that one or more tasks in the worker queue can be popped twice instead of other tasks that are forgotten and never popped. If tasks are allocated on the heap, this can cause double free and a memory leak. If not, this stil...
Zero Day Initiative Bug Hunters Rake in $1.5M in 2019
Zero Day Initiative (ZDI) awarded more than $1.5 million in cash and prizes to bug-hunters throughout 2019, it said, resulting in 1,035 security vulnerability advisories for the year. Most of those advisories (88 percent) were published in conjunction with a patch from the vendor, Zero Day Initiative...
NTPsec 1.1.2 - ctl_getitem Out-of-Bounds Read Exploit
#!/usr/bin/env python Exploit Title: ntpsec 1.1.2 OOB read Proof of concept Bug Discovery: Magnus Klaaborg Stubman @magnusstubman Exploit Author: Magnus Klaaborg Stubman @magnusstubman Website: https://dumpco.re/bugs/ntpsec-oobread1 Vendor Homepage: https://ntpsec.org/ Software Link:...
NTPsec 1.1.2 - ctl_getitem Out-of-Bounds Read (PoC)
NTPsec 1.1.2 - ctl_getitem Out-of-Bounds Read PoC #!/usr/bin/env python Exploit Title: ntpsec 1.1.2 OOB read Proof of concept Bug Discovery: Magnus Klaaborg Stubman @magnusstubman Exploit Author: Magnus Klaaborg Stubman @magnusstubman Website: https://dumpco.re/bugs/ntpsec-oobread1 Vendor Homepage:...
Shopify: myshopify.com domain takeover
Hello Shopify Security Team, I just received your email and I'm sorry for any inconvenience. Yes, it was me. Basically, I just tried to audit your website using some black box testing. Unfortunately, I didn't read about those guidelines, such as creating a store on https://partners.shopify.com/ a...
PrivateTunnel Client 2.7.0 (x64) Local Credential Disclosure
PrivateTunnel Client v2.7.0 x64 Local Credentials Disclosure After Sign out Exploit Tested on Windows 7 64bit, English Vendor Homepage @ https://www.privatetunnel.com Date 14/09/2016 Bug Discovery by: Yakir Wizman https://www.linkedin.com/in/yakirwizman http://www.black-rose.ml Viktor Min...
TeamViewer 11.0.65452 (x64) - Local Credentials Disclosure
TeamViewer 11.0.65452 64 bit Local Credentials Disclosure Tested on Windows 7 64bit, English Vendor Homepage @ https://www.teamviewer.com/ Date 07/09/2016 Bug Discovered by Alexander Korznikov https://www.linkedin.com/in/nopernik http://www.korznikov.com | @nopernik Special Thanks to: Viktor Mini...