Services

IoT Security Testing Red Team Assessment Product Security AI/ML Security Audit Web Security Testing

Mobile Security Testing DevSecOps Consulting Code Review Cloud Security Critical Infrastructure

Products

EXPLIoT

EXPLIoT is framework for IoT security testing
and exploitation.

CloudFuzz

CloudFuzz is platform that lets you code for bugs
by running your software with millions of test cases.

Who we are

About Us Payatu Bandits

Resources

Blogs MasterClass Series Case Studies E-Books New Advisory Media

Tools

securecode.wiki New

Pune Location Europe Location

Technical Advisory

Through sharp, technical and insightful analysis, the Payatu Team is constantly on the lookout for vulnerabilities and threats. This section exhibits a few of our findings.

Technical Advisory

Through sharp, technical and insightful analysis, the Payatu Team is constantly on the lookout for vulnerabilities and threats. This section exhibits a few of our findings.

Close the overlay

I am looking for

Cybersecurity Services

Cybersecurity Training

Please click one!

Zeroday Reports

Report ID	Title	Reporeted On	Publish On	CVE-ID
PS47	Remote Code Execution In JsonPickle Python Module	13-Aug-2020	17-Dec-2020	CVE-2020-22083
PS46	CSRF leads to pages deletion	20-Jun-2020	10-Oct-2020	CVE-2020-25262
PS45	CSRF leads to plugin's deletion	20-Jun-2020	10-Oct-2020	CVE-2020-25263
PS44	HiveMQ MQTT broker - XSS Over MQTT	18-May-2020	25-Aug-2020	CVE-2020-13821
PS43	Lack of Bluetooth LE Encryption and Access Control in Dr,Trust ECG/EKG Pen	22-Jun-2020	22-Jul-2020	CVE-2020-15486
PS42	Lack of Medical data encryption in Dr.Trust ECG-EKG Pen	22-Jun-2020	22-Jul-2020	CVE-2020-15485
PS41	Unauthenticated UART root shell in niscomed patient Monitor	22-Jun-2020	22-Jul-2020	CVE-2020-15483
PS40	Unauthenticated telnet service in niscomed patient Monitor	22-Jun-2020	22-Jul-2020	CVE-2020-15482
PS39	Lack of medical data encryption in niscomed patient Monitor	22-Jun-2020	22-Jul-2020	CVE-2020-15484
PS38	Apache Artemis - XSS Over MQTT	20-May-2020	20-Jul-2020	CVE-2020-13932
PS37	Safari reader same origin policy (SOP) bypass	19-Apr-2020	15-Jul-2020	CVE-2020-9911
PS36	Safari reader download permission bypass	19-Apr-2020	15-Jul-2020	CVE-2020-9912
PS35	Safari Login AutoFill	22-Mar-2020	15-Jul-2020	CVE-2020-9903
PS34	DoS in aedes MQTT broker	18-May-2020	22-May-2020	CVE-2020-13410
PS33	TrendNet wireless camera buffer overflow vulneribility	13-Jan-2020	11-May-2020	CVE-2020-12763
PS32	Safari video permission spoof	05-Aug-2019	25-Mar-2020	CVE-2020-9781
PS31	WebKit - AXObjectCache - m_deferredFocusedNodeChange - UaF	19-Nov-2019	12-Mar-2020	CVE-2020-10018
PS30	Reflected XSS in GTranslate wordpress plugin	10-Feb-2020	18-Feb-2020	CVE-2020-11930
PS29	massCode Code execution	01-Feb-2020	04-Feb-2020	CVE-2020-8548
PS28	Safari Address Bar Spoof	11-Oct-2019	29-Jan-2020	CVE-2020-3833
PS27	Firefox IOS QR Code Reader XSS	18-Jul-2019	10-Dec-2019	CVE-2019-17003
PS26	Microsoft Edge Elevation of Privilege Vulnerability	28-Nov-2018	03-Dec-2019	CVE-2019-0678
PS25	Adobe Reader Out-Of-Bounds Read Information Disclosure Vulnerability	08-Jan-2018	01-Oct-2018	CVE-2018-15968
PS24	Opera Mini Location Permission Spoof	02-Aug-2018	18-Aug-2018	CVE-2018-16135
PS23	Foxit Reader - CPDF_Parser::m_pCryptoHandler - Use After Free - RCE	08-Jan-2018	16-Aug-2018	CVE-2018-14442
PS22	jscript.dll - ActiveXObject BSTR - Use After Free	09-Jan-2018	14-Aug-2018	CVE-2018-8389
PS21	Adobe Acrobat Reader Heap Overflow Remote Code Execution Vulnerability	08-Jan-2018	10-Jul-2018	CVE-2018-12798
PS20	Foxit Reader CPDF_Object Use-After-Free Remote Code Execution Vulnerability	19-Jan-2018	20-Apr-2018	CVE-2018-9951
PS19	Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability	19-Jan-2018	20-Apr-2018	CVE-2018-9950
PS18	Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability	18-May-2017	07-Jul-2017	CVE-2017-10943
PS17	Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability	01-Jun-2017	07-Jul-2017	CVE-2017-10944
PS16	Foxit Reader – Uninitialized Memory – Arbitrary Write Vulnerability	05-May-2017	07-Jul-2017	CVE-2017-10994
PS15	Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability	18-May-2017	07-Jul-2017	CVE-2017-10942
PS14	Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability	22-Feb-2017	09-Mar-2017	CVE-2017-8455
PS13	Foxit Reader Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability	03-Jan-2017	09-Mar-2017	CVE-2017-8453
PS12	Out of Bounds Write Heap Buffer Google Chrome PDFium	25-Nov-2016	09-Mar-2017	CVE-2017-5032
PS11	Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability	03-Jan-2017	09-Mar-2017	CVE-2017-8454
PS10	Memory Corruption Mach-O 2	25-Jun-2016	05-Aug-2016	CVE-2017-8775
PS9	Non-ASLR & DEP Modules	09-Jun-2016	01-Aug-2016	CVE-2017-8776
PS8	Insecure Libray Loading	09-Jun-2016	01-Aug-2016
PS7	OOB Write Heap Buffer dwCompressionSize MS-WIM	13-Jul-2016	20-Jul-2016	CVE-2017-8773
PS6	Memory Corruption Mach-O 1	25-Jun-2016	11-Jul-2016	CVE-2017-8774
PS5	OOB Write Stack Buffer LC_UNIXTHREAD.cmdsize Mach-O	09-Jun-2016	11-Jun-2016	CVE-2017-5005
PS4	Adobe Reader Type Confusion - Memory Corruption Vulnerability	05-Dec-2016	06-Apr-2016	CVE-2017-3038
PS3	Microsoft Internet Explorer CDOMStringDataList::InitFromString Out-Of-Bounds Indexing Information Disclosure Vulnerability	08-Sep-2015	10-Nov-2015	CVE-2015-6086
PS2	Hardcoded AES 256 bit key used in Kankun Smart socket and its mobile App	25-May-2015	05-Jun-2015	CVE-2015-4080
PS1	CVE-2014-8446 – Adobe Acrobat/Reader – Memory Corruption	15-May-2014	09-Dec-2014	CVE-2014-8446

☷ All Blogs › ✍ Latest Blogs

manmeet
09/01/2022

Log4j Vulnerability-An overview to the un-noticed open window in your application.

Log4jShell !!! Log4j vulnerability !!! Log4j RCE !!! , you are probably getting all of these names, notifications and posts popping up in your LinkedIn, Twitter and other social network sites in Decem...

amit
08/01/2022

Penetrate the Protected Component in Android Part -1

Hello guys, in our last blog of the series we discussed basic fundamentals about Android applications and their architecture, if you have not read my previous blog on Understanding Android Basics, the...

kartheek.lade
29/12/2021

Automotive Security - Part 5 (How to use can-utils efficiently ?)

Welcome back! I hope you have gone through the previous blogs, where we discussed about OBD-II. In this blog we will look into can-utils. Which contains user space utilities for Linux CAN subsystem. I...

☷ All News › ⚑ Latest News

Talk, Online
18-December-2021

Amit Musale will be giving a talk on “Building ICS/SCADA(OT) Security Labs.”

Talk, Online
18-December-2021

Kumar Ashvin will be giving a talk on “Are your containers really secure?.”

Talk, Online
18-December-2021

Kumar Ashvin will be giving a talk on “Are your containers really secure?.”

Technical Advisory

Technical Advisory

I am looking for Cybersecurity Services Cybersecurity Training Please click one!

Please click one!

☷ All Blogs › ✍ Latest Blogs

Log4j Vulnerability-An overview to the un-noticed open window in your application.

Penetrate the Protected Component in Android Part -1

Automotive Security - Part 5 (How to use can-utils efficiently ?)

☷ All News › ⚑ Latest News

I am looking for

Cybersecurity Services

Cybersecurity Training

Please click one!