Services

IoT Security Testing Red Team Assessment Product Security AI/ML Security Audit Web Security Testing

Mobile Security Testing DevSecOps Consulting Code Review Cloud Security Critical Infrastructure

Products

EXPLIoT

EXPLIoT is framework for IoT security testing
and exploitation.

CloudFuzz

CloudFuzz is platform that lets you code for bugs
by running your software with millions of test cases.

Who we are

About Us Payatu Bandits

Resources

Blogs MasterClass Series Case Studies E-Books New Advisory Media

Tools

securecode.wiki New

Pune Location Europe Location Australia Location

Top Openings

Security consultant IT sales Pre-Sales Executive Software Developer Software Tester

ALL OPENINGS

Technical Advisory

Through sharp, technical and insightful analysis, the Payatu Team is constantly on the lookout for vulnerabilities and threats. This section exhibits a few of our findings.

Technical Advisory

Through sharp, technical and insightful analysis, the Payatu Team is constantly on the lookout for vulnerabilities and threats. This section exhibits a few of our findings.

Close the overlay

I am looking for

Cybersecurity Services

Cybersecurity Training

Please click one!

Zeroday Reports

Report ID	Title	Reported On	Publish On	CVE-ID
PS52	Code Injection in pytorch-lightning prior to 1.6.0	03-Mar-2022	04-Mar-2022	CVE-2022-0845
PS51	Lack of Bluetooth LE pairing and access control in Fastrack reflex 2.0 activity tracker	17-Nov-2020	30-Jun-2021	CVE-2021-35952
PS50	Open Serial debug port Allows Dumping, and re- flashing Firmware in Fastrack reflex 2.0 activity tracker	17-Nov-2020	30-Jun-2021	CVE-2021-35954.
PS49	Denial of service (Device Crashing) on Fastrack reflex 2.0 activity tracker	17-Nov-2020	30-Jun-2021	CVE-2021-35953
PS48	Unauthenticated Firmware Update in Fastrack Reflex 2.0 Activity Tracker	17-Nov-2020	30-Jun-2021	CVE-2021-35951
PS47	Remote Code Execution In JsonPickle Python Module	13-Aug-2020	17-Dec-2020	CVE-2020-22083
PS46	CSRF leads to pages deletion	20-Jun-2020	10-Oct-2020	CVE-2020-25262
PS45	CSRF leads to plugin's deletion	20-Jun-2020	10-Oct-2020	CVE-2020-25263
PS44	HiveMQ MQTT broker - XSS Over MQTT	18-May-2020	25-Aug-2020	CVE-2020-13821
PS43	Lack of Bluetooth LE Encryption and Access Control in Dr,Trust ECG/EKG Pen	22-Jun-2020	22-Jul-2020	CVE-2020-15486
PS42	Lack of Medical data encryption in Dr.Trust ECG-EKG Pen	22-Jun-2020	22-Jul-2020	CVE-2020-15485
PS41	Unauthenticated UART root shell in niscomed patient Monitor	22-Jun-2020	22-Jul-2020	CVE-2020-15483
PS40	Unauthenticated telnet service in niscomed patient Monitor	22-Jun-2020	22-Jul-2020	CVE-2020-15482
PS39	Lack of medical data encryption in niscomed patient Monitor	22-Jun-2020	22-Jul-2020	CVE-2020-15484
PS38	Apache Artemis - XSS Over MQTT	20-May-2020	20-Jul-2020	CVE-2020-13932
PS37	Safari reader same origin policy (SOP) bypass	19-Apr-2020	15-Jul-2020	CVE-2020-9911
PS36	Safari reader download permission bypass	19-Apr-2020	15-Jul-2020	CVE-2020-9912
PS35	Safari Login AutoFill	22-Mar-2020	15-Jul-2020	CVE-2020-9903
PS34	DoS in aedes MQTT broker	18-May-2020	22-May-2020	CVE-2020-13410
PS33	TrendNet wireless camera buffer overflow vulneribility	13-Jan-2020	11-May-2020	CVE-2020-12763
PS32	Safari video permission spoof	05-Aug-2019	25-Mar-2020	CVE-2020-9781
PS31	WebKit - AXObjectCache - m_deferredFocusedNodeChange - UaF	19-Nov-2019	12-Mar-2020	CVE-2020-10018
PS30	Reflected XSS in GTranslate wordpress plugin	10-Feb-2020	18-Feb-2020	CVE-2020-11930
PS29	massCode Code execution	01-Feb-2020	04-Feb-2020	CVE-2020-8548
PS28	Safari Address Bar Spoof	11-Oct-2019	29-Jan-2020	CVE-2020-3833
PS27	Firefox IOS QR Code Reader XSS	18-Jul-2019	10-Dec-2019	CVE-2019-17003
PS26	Microsoft Edge Elevation of Privilege Vulnerability	28-Nov-2018	03-Dec-2019	CVE-2019-0678
PS25	Adobe Reader Out-Of-Bounds Read Information Disclosure Vulnerability	08-Jan-2018	01-Oct-2018	CVE-2018-15968
PS24	Opera Mini Location Permission Spoof	02-Aug-2018	18-Aug-2018	CVE-2018-16135
PS23	Foxit Reader - CPDF_Parser::m_pCryptoHandler - Use After Free - RCE	08-Jan-2018	16-Aug-2018	CVE-2018-14442
PS22	jscript.dll - ActiveXObject BSTR - Use After Free	09-Jan-2018	14-Aug-2018	CVE-2018-8389
PS21	Adobe Acrobat Reader Heap Overflow Remote Code Execution Vulnerability	08-Jan-2018	10-Jul-2018	CVE-2018-12798
PS20	Foxit Reader CPDF_Object Use-After-Free Remote Code Execution Vulnerability	19-Jan-2018	20-Apr-2018	CVE-2018-9951
PS19	Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability	19-Jan-2018	20-Apr-2018	CVE-2018-9950
PS18	Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability	18-May-2017	07-Jul-2017	CVE-2017-10943
PS17	Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability	01-Jun-2017	07-Jul-2017	CVE-2017-10944
PS16	Foxit Reader – Uninitialized Memory – Arbitrary Write Vulnerability	05-May-2017	07-Jul-2017	CVE-2017-10994
PS15	Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability	18-May-2017	07-Jul-2017	CVE-2017-10942
PS14	Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability	22-Feb-2017	09-Mar-2017	CVE-2017-8455
PS13	Foxit Reader Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability	03-Jan-2017	09-Mar-2017	CVE-2017-8453
PS12	Out of Bounds Write Heap Buffer Google Chrome PDFium	25-Nov-2016	09-Mar-2017	CVE-2017-5032
PS11	Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability	03-Jan-2017	09-Mar-2017	CVE-2017-8454
PS10	Memory Corruption Mach-O 2	25-Jun-2016	05-Aug-2016	CVE-2017-8775
PS9	Non-ASLR & DEP Modules	09-Jun-2016	01-Aug-2016	CVE-2017-8776
PS8	Insecure Libray Loading	09-Jun-2016	01-Aug-2016
PS7	OOB Write Heap Buffer dwCompressionSize MS-WIM	13-Jul-2016	20-Jul-2016	CVE-2017-8773
PS6	Memory Corruption Mach-O 1	25-Jun-2016	11-Jul-2016	CVE-2017-8774
PS5	OOB Write Stack Buffer LC_UNIXTHREAD.cmdsize Mach-O	09-Jun-2016	11-Jun-2016	CVE-2017-5005
PS4	Adobe Reader Type Confusion - Memory Corruption Vulnerability	05-Dec-2016	06-Apr-2016	CVE-2017-3038
PS3	Microsoft Internet Explorer CDOMStringDataList::InitFromString Out-Of-Bounds Indexing Information Disclosure Vulnerability	08-Sep-2015	10-Nov-2015	CVE-2015-6086
PS2	Hardcoded AES 256 bit key used in Kankun Smart socket and its mobile App	25-May-2015	05-Jun-2015	CVE-2015-4080
PS1	CVE-2014-8446 – Adobe Acrobat/Reader – Memory Corruption	15-May-2014	09-Dec-2014	CVE-2014-8446

☷ All Blogs › ✍ Latest Blogs

arjuns
23/05/2022

Web Security Researchers, Learn All You Can About Broken Authentication Flaws

Hey guys today, I will be talking about Authentication. This blog post will cover each and every possible vulnerability which falls under broken authentication Difference between Authentication & Auth...

hariprasad.kv
18/05/2022

Bare-metal Firmware Emulation - An Introduction To Unicorn Engine

Hello everyone, in this blog series we will look into firmware emulation of bare-metal devices with the help of a CPU emulator called Unicorn. You may wonder, why go through the hassle of emulating fi...

kumar.ashwin
17/05/2022

Top 5 Things To Look For When Choosing A Penetration Testing Vendor

The Cyber Security market has grown exponentially in the past decade and will continue to grow to meet the ever-increasing demand. Every organization is currently attempting to improve their security ...