...
...

Technical Advisory

Through sharp, technical and insightful analysis, the Payatu Team is constantly on the lookout for vulnerabilities and threats. This section exhibits a few of our findings.

Report ID Title Reporeted On Publish On CVE-ID
PS1 massCode Code execution 01-Feb-2020 04-Feb-2020 CVE-2020-8548
PS2 Safari Address Bar Spoof 11-Oct-2019 29-Jan-2020 CVE-2020-3833
PS3 Firefox IOS QR Code Reader XSS 18-Jul-2019 10-Dec-2019 CVE-2019-17003
PS4 Microsoft Edge Elevation of Privilege Vulnerability 28-Nov-2018 03-Dec-2019 CVE-2019-0678
PS5 Adobe Reader Out-Of-Bounds Read Information Disclosure Vulnerability 08-Jan-2018 01-Oct-2018 CVE-2018-15968
PS6 Opera Mini Location Permission Spoof 02-Aug-2018 18-Aug-2018 CVE-2018-16135
PS7 Foxit Reader - CPDF_Parser::m_pCryptoHandler - Use After Free - RCE 08-Jan-2018 16-Aug-2018 CVE-2018-14442
PS8 jscript.dll - ActiveXObject BSTR - Use After Free 09-Jan-2018 14-Aug-2018 CVE-2018-8389
PS9 Adobe Acrobat Reader Heap Overflow Remote Code Execution Vulnerability 08-Jan-2018 10-Jul-2018 CVE-2018-12798
PS10 Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability 19-Jan-2018 20-Apr-2018 CVE-2018-9950
PS11 Foxit Reader CPDF_Object Use-After-Free Remote Code Execution Vulnerability 19-Jan-2018 20-Apr-2018 CVE-2018-9951
PS12 Foxit Reader – Uninitialized Memory – Arbitrary Write Vulnerability 05-May-2017 07-Jul-2017 CVE-2017-10994
PS13 Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability 18-May-2017 07-Jul-2017 CVE-2017-10942
PS14 Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability 01-Jun-2017 07-Jul-2017 CVE-2017-10944
PS15 Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability 18-May-2017 07-Jul-2017 CVE-2017-10943
PS16 Foxit Reader Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability 03-Jan-2017 09-Mar-2017 CVE-2017-8453
PS17 Out of Bounds Write Heap Buffer Google Chrome PDFium 25-Nov-2016 09-Mar-2017 CVE-2017-5032
PS18 Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability 22-Feb-2017 09-Mar-2017 CVE-2017-8455
PS19 Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability 03-Jan-2017 09-Mar-2017 CVE-2017-8454
PS20 Memory Corruption Mach-O 2 25-Jun-2016 05-Aug-2016 CVE-2017-8775
PS21 Non-ASLR & DEP Modules 09-Jun-2016 01-Aug-2016 CVE-2017-8776
PS22 Insecure Libray Loading 09-Jun-2016 01-Aug-2016
PS23 OOB Write Heap Buffer dwCompressionSize MS-WIM 13-Jul-2016 20-Jul-2016 CVE-2017-8773
PS24 Memory Corruption Mach-O 1 25-Jun-2016 11-Jul-2016 CVE-2017-8774
PS25 OOB Write Stack Buffer LC_UNIXTHREAD.cmdsize Mach-O 09-Jun-2016 11-Jun-2016 CVE-2017-5005
PS26 Adobe Reader Type Confusion - Memory Corruption Vulnerability 05-Dec-2016 06-Apr-2016 CVE-2017-3038
PS27 Microsoft Internet Explorer CDOMStringDataList::InitFromString Out-Of-Bounds Indexing Information Disclosure Vulnerability 08-Sep-2015 10-Nov-2015 CVE-2015-6086
PS28 Hardcoded AES 256 bit key used in Kankun Smart socket and its mobile App 25-May-2015 05-Jun-2015 CVE-2015-4080
PS29 CVE-2014-8446 – Adobe Acrobat/Reader – Memory Corruption 15-May-2014 09-Dec-2014 CVE-2014-8446

Latest Blogs See all blog

Hardware Attack - Stack Smashing And Protection
18/02/2020
asmita-jha
massCode Code execution (CVE-2020-8548)
04/02/2020
nikhil-mittal
Safari Address Bar Spoof (CVE-2020-3833)
29/01/2020
nikhil-mittal

Latest news See all news

16-March-2020
Heidelberg, Germany

Visit

Nikhil Joshi will be delivering training titled “ML for security and security for ML” at troppers2020

14-March-2020
Vancouver, Canada

Visit

Ashfaq Ansari, will be delivering a training on “Windows Kernel Exploitation Foundation & Advanced” at CanSecWest, Canada 2020.

03-March-2020
Goa, India

Visit

Aseem Jakhar and Munawwar Hussain Shelia will be delivering a training on “Practical IoT Hacking (3 days)” at nullcon, Goa, India 2020.