Services

IoT Security Testing Red Team Assessment Product Security AI/ML Security Audit Web Security Testing

Mobile Security Testing DevSecOps Consulting Code Review Cloud Security Critical Infrastructure

Products

EXPLIoT

EXPLIoT is framework for IoT security testing
and exploitation.

CloudFuzz

CloudFuzz is platform that lets you code for bugs
by running your software with millions of test cases.

Who we are

About Us Payatu Bandits

Resources

Blogs MasterClass Series Case Studies E-Books New Advisory Media

Tools

securecode.wiki New

Pune Location Europe Location

Technical Advisory

Through sharp, technical and insightful analysis, the Payatu Team is constantly on the lookout for vulnerabilities and threats. This section exhibits a few of our findings.

Technical Advisory

Through sharp, technical and insightful analysis, the Payatu Team is constantly on the lookout for vulnerabilities and threats. This section exhibits a few of our findings.

Close the overlay

I am looking for

Cybersecurity Services

Cybersecurity Training

Please click one!

Zeroday Reports

Report ID	Title	Reporeted On	Publish On	CVE-ID
PS47	Remote Code Execution In JsonPickle Python Module	13-Aug-2020	17-Dec-2020	CVE-2020-22083
PS46	CSRF leads to pages deletion	20-Jun-2020	10-Oct-2020	CVE-2020-25262
PS45	CSRF leads to plugin's deletion	20-Jun-2020	10-Oct-2020	CVE-2020-25263
PS44	HiveMQ MQTT broker - XSS Over MQTT	18-May-2020	25-Aug-2020	CVE-2020-13821
PS43	Unauthenticated telnet service in niscomed patient Monitor	22-Jun-2020	22-Jul-2020	CVE-2020-15482
PS42	Unauthenticated UART root shell in niscomed patient Monitor	22-Jun-2020	22-Jul-2020	CVE-2020-15483
PS41	Lack of medical data encryption in niscomed patient Monitor	22-Jun-2020	22-Jul-2020	CVE-2020-15484
PS40	Lack of Bluetooth LE Encryption and Access Control in Dr,Trust ECG/EKG Pen	22-Jun-2020	22-Jul-2020	CVE-2020-15486
PS39	Lack of Medical data encryption in Dr.Trust ECG-EKG Pen	22-Jun-2020	22-Jul-2020	CVE-2020-15485
PS38	Apache Artemis - XSS Over MQTT	20-May-2020	20-Jul-2020	CVE-2020-13932
PS37	Safari Login AutoFill	22-Mar-2020	15-Jul-2020	CVE-2020-9903
PS36	Safari reader same origin policy (SOP) bypass	19-Apr-2020	15-Jul-2020	CVE-2020-9911
PS35	Safari reader download permission bypass	19-Apr-2020	15-Jul-2020	CVE-2020-9912
PS34	DoS in aedes MQTT broker	18-May-2020	22-May-2020	CVE-2020-13410
PS33	TrendNet wireless camera buffer overflow vulneribility	13-Jan-2020	11-May-2020	CVE-2020-12763
PS32	Safari video permission spoof	05-Aug-2019	25-Mar-2020	CVE-2020-9781
PS31	WebKit - AXObjectCache - m_deferredFocusedNodeChange - UaF	19-Nov-2019	12-Mar-2020	CVE-2020-10018
PS30	Reflected XSS in GTranslate wordpress plugin	10-Feb-2020	18-Feb-2020	CVE-2020-11930
PS29	massCode Code execution	01-Feb-2020	04-Feb-2020	CVE-2020-8548
PS28	Safari Address Bar Spoof	11-Oct-2019	29-Jan-2020	CVE-2020-3833
PS27	Firefox IOS QR Code Reader XSS	18-Jul-2019	10-Dec-2019	CVE-2019-17003
PS26	Microsoft Edge Elevation of Privilege Vulnerability	28-Nov-2018	03-Dec-2019	CVE-2019-0678
PS25	Adobe Reader Out-Of-Bounds Read Information Disclosure Vulnerability	08-Jan-2018	01-Oct-2018	CVE-2018-15968
PS24	Opera Mini Location Permission Spoof	02-Aug-2018	18-Aug-2018	CVE-2018-16135
PS23	Foxit Reader - CPDF_Parser::m_pCryptoHandler - Use After Free - RCE	08-Jan-2018	16-Aug-2018	CVE-2018-14442
PS22	jscript.dll - ActiveXObject BSTR - Use After Free	09-Jan-2018	14-Aug-2018	CVE-2018-8389
PS21	Adobe Acrobat Reader Heap Overflow Remote Code Execution Vulnerability	08-Jan-2018	10-Jul-2018	CVE-2018-12798
PS20	Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability	19-Jan-2018	20-Apr-2018	CVE-2018-9950
PS19	Foxit Reader CPDF_Object Use-After-Free Remote Code Execution Vulnerability	19-Jan-2018	20-Apr-2018	CVE-2018-9951
PS18	Foxit Reader – Uninitialized Memory – Arbitrary Write Vulnerability	05-May-2017	07-Jul-2017	CVE-2017-10994
PS17	Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability	18-May-2017	07-Jul-2017	CVE-2017-10942
PS16	Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability	01-Jun-2017	07-Jul-2017	CVE-2017-10944
PS15	Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability	18-May-2017	07-Jul-2017	CVE-2017-10943
PS14	Foxit Reader Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability	03-Jan-2017	09-Mar-2017	CVE-2017-8453
PS13	Out of Bounds Write Heap Buffer Google Chrome PDFium	25-Nov-2016	09-Mar-2017	CVE-2017-5032
PS12	Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability	22-Feb-2017	09-Mar-2017	CVE-2017-8455
PS11	Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability	03-Jan-2017	09-Mar-2017	CVE-2017-8454
PS10	Memory Corruption Mach-O 2	25-Jun-2016	05-Aug-2016	CVE-2017-8775
PS9	Non-ASLR & DEP Modules	09-Jun-2016	01-Aug-2016	CVE-2017-8776
PS8	Insecure Libray Loading	09-Jun-2016	01-Aug-2016
PS7	OOB Write Heap Buffer dwCompressionSize MS-WIM	13-Jul-2016	20-Jul-2016	CVE-2017-8773
PS6	Memory Corruption Mach-O 1	25-Jun-2016	11-Jul-2016	CVE-2017-8774
PS5	OOB Write Stack Buffer LC_UNIXTHREAD.cmdsize Mach-O	09-Jun-2016	11-Jun-2016	CVE-2017-5005
PS4	Adobe Reader Type Confusion - Memory Corruption Vulnerability	05-Dec-2016	06-Apr-2016	CVE-2017-3038
PS3	Microsoft Internet Explorer CDOMStringDataList::InitFromString Out-Of-Bounds Indexing Information Disclosure Vulnerability	08-Sep-2015	10-Nov-2015	CVE-2015-6086
PS2	Hardcoded AES 256 bit key used in Kankun Smart socket and its mobile App	25-May-2015	05-Jun-2015	CVE-2015-4080
PS1	CVE-2014-8446 – Adobe Acrobat/Reader – Memory Corruption	15-May-2014	09-Dec-2014	CVE-2014-8446

☷ All Blogs › ✍ Latest Blogs

kartheek.lade
30/11/2021

Automotive Security - Part 4 (what is OBD-II ?)

Welcome back! I hope you have gone through the previous blogs, where we discussed about “CAN Bus protocol”. In this blog we will look into OBD-II which is Goto option for diagnostics in vehicles a...

prateek.thakare
18/11/2021

Broken Access Control: Pentester's Gold Mine

Hey folks, hope you all are doing well! Recently OWASP Top 10 2021 was released and the Broken Access Control grabbed the first position with the most serious security risk. Broken Access Control issu...

kartheek.lade
02/11/2021

Automotive Security - Part 3 (Intro to CAN Bus Protocol - 101)

Welcome back! I hope you have gone through the previous blogs, where we discussed about “Automotive Security introduction” & “Automotive Attack Surface”. In this blog we will look into one of ...

☷ All News › ⚑ Latest News

Workshop, Online
12-December-2021

Kartheek Lade will be conducting a workshop on “Car Hacking.”

Workshop, Online
11-December-2021

Hari Prasad and Arun Nair will be conducting a workshop on “Laternal Movement Techniques.”

Webinar, Online
26-November-2021

Appar Thusso will be delivering a webinar on “Medical Device Security: The Good, the Bad and the Ugly.”

Technical Advisory

Technical Advisory

I am looking for Cybersecurity Services Cybersecurity Training Please click one!

Please click one!

☷ All Blogs › ✍ Latest Blogs

Automotive Security - Part 4 (what is OBD-II ?)

Broken Access Control: Pentester's Gold Mine

Automotive Security - Part 3 (Intro to CAN Bus Protocol - 101)

☷ All News › ⚑ Latest News

I am looking for

Cybersecurity Services

Cybersecurity Training

Please click one!