News
Advisory
Hardware Lab
Career
Products
EXPLIoT CloudFuzz

Technical Advisory

Through sharp, technical and insightful analysis, the Payatu Team is constantly on the lookout for vulnerabilities and threats. This section exhibits a few of our findings.

...
...

Technical Advisory

Through sharp, technical and insightful analysis, the Payatu Team is constantly on the lookout for vulnerabilities and threats. This section exhibits a few of our findings.

Close the overlay

I am looking for
Please click one!

Report ID Title Reporeted On Publish On CVE-ID
PS47 Remote Code Execution In JsonPickle Python Module 13-Aug-2020 17-Dec-2020 CVE-2020-22083
PS46 CSRF leads to pages deletion 20-Jun-2020 10-Oct-2020 CVE-2020-25262
PS45 CSRF leads to plugin's deletion 20-Jun-2020 10-Oct-2020 CVE-2020-25263
PS44 HiveMQ MQTT broker - XSS Over MQTT 18-May-2020 25-Aug-2020 CVE-2020-13821
PS43 Unauthenticated telnet service in niscomed patient Monitor 22-Jun-2020 22-Jul-2020 CVE-2020-15482
PS42 Unauthenticated UART root shell in niscomed patient Monitor 22-Jun-2020 22-Jul-2020 CVE-2020-15483
PS41 Lack of medical data encryption in niscomed patient Monitor 22-Jun-2020 22-Jul-2020 CVE-2020-15484
PS40 Lack of Bluetooth LE Encryption and Access Control in Dr,Trust ECG/EKG Pen 22-Jun-2020 22-Jul-2020 CVE-2020-15486
PS39 Lack of Medical data encryption in Dr.Trust ECG-EKG Pen 22-Jun-2020 22-Jul-2020 CVE-2020-15485
PS38 Apache Artemis - XSS Over MQTT 20-May-2020 20-Jul-2020 CVE-2020-13932
PS37 Safari Login AutoFill 22-Mar-2020 15-Jul-2020 CVE-2020-9903
PS36 Safari reader same origin policy (SOP) bypass 19-Apr-2020 15-Jul-2020 CVE-2020-9911
PS35 Safari reader download permission bypass 19-Apr-2020 15-Jul-2020 CVE-2020-9912
PS34 DoS in aedes MQTT broker 18-May-2020 22-May-2020 CVE-2020-13410
PS33 TrendNet wireless camera buffer overflow vulneribility 13-Jan-2020 11-May-2020 CVE-2020-12763
PS32 Safari video permission spoof 05-Aug-2019 25-Mar-2020 CVE-2020-9781
PS31 WebKit - AXObjectCache - m_deferredFocusedNodeChange - UaF 19-Nov-2019 12-Mar-2020 CVE-2020-10018
PS30 Reflected XSS in GTranslate wordpress plugin 10-Feb-2020 18-Feb-2020 CVE-2020-11930
PS29 massCode Code execution 01-Feb-2020 04-Feb-2020 CVE-2020-8548
PS28 Safari Address Bar Spoof 11-Oct-2019 29-Jan-2020 CVE-2020-3833
PS27 Firefox IOS QR Code Reader XSS 18-Jul-2019 10-Dec-2019 CVE-2019-17003
PS26 Microsoft Edge Elevation of Privilege Vulnerability 28-Nov-2018 03-Dec-2019 CVE-2019-0678
PS25 Adobe Reader Out-Of-Bounds Read Information Disclosure Vulnerability 08-Jan-2018 01-Oct-2018 CVE-2018-15968
PS24 Opera Mini Location Permission Spoof 02-Aug-2018 18-Aug-2018 CVE-2018-16135
PS23 Foxit Reader - CPDF_Parser::m_pCryptoHandler - Use After Free - RCE 08-Jan-2018 16-Aug-2018 CVE-2018-14442
PS22 jscript.dll - ActiveXObject BSTR - Use After Free 09-Jan-2018 14-Aug-2018 CVE-2018-8389
PS21 Adobe Acrobat Reader Heap Overflow Remote Code Execution Vulnerability 08-Jan-2018 10-Jul-2018 CVE-2018-12798
PS20 Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability 19-Jan-2018 20-Apr-2018 CVE-2018-9950
PS19 Foxit Reader CPDF_Object Use-After-Free Remote Code Execution Vulnerability 19-Jan-2018 20-Apr-2018 CVE-2018-9951
PS18 Foxit Reader – Uninitialized Memory – Arbitrary Write Vulnerability 05-May-2017 07-Jul-2017 CVE-2017-10994
PS17 Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability 18-May-2017 07-Jul-2017 CVE-2017-10942
PS16 Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability 01-Jun-2017 07-Jul-2017 CVE-2017-10944
PS15 Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability 18-May-2017 07-Jul-2017 CVE-2017-10943
PS14 Foxit Reader Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability 03-Jan-2017 09-Mar-2017 CVE-2017-8453
PS13 Out of Bounds Write Heap Buffer Google Chrome PDFium 25-Nov-2016 09-Mar-2017 CVE-2017-5032
PS12 Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability 22-Feb-2017 09-Mar-2017 CVE-2017-8455
PS11 Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability 03-Jan-2017 09-Mar-2017 CVE-2017-8454
PS10 Memory Corruption Mach-O 2 25-Jun-2016 05-Aug-2016 CVE-2017-8775
PS9 Non-ASLR & DEP Modules 09-Jun-2016 01-Aug-2016 CVE-2017-8776
PS8 Insecure Libray Loading 09-Jun-2016 01-Aug-2016
PS7 OOB Write Heap Buffer dwCompressionSize MS-WIM 13-Jul-2016 20-Jul-2016 CVE-2017-8773
PS6 Memory Corruption Mach-O 1 25-Jun-2016 11-Jul-2016 CVE-2017-8774
PS5 OOB Write Stack Buffer LC_UNIXTHREAD.cmdsize Mach-O 09-Jun-2016 11-Jun-2016 CVE-2017-5005
PS4 Adobe Reader Type Confusion - Memory Corruption Vulnerability 05-Dec-2016 06-Apr-2016 CVE-2017-3038
PS3 Microsoft Internet Explorer CDOMStringDataList::InitFromString Out-Of-Bounds Indexing Information Disclosure Vulnerability 08-Sep-2015 10-Nov-2015 CVE-2015-6086
PS2 Hardcoded AES 256 bit key used in Kankun Smart socket and its mobile App 25-May-2015 05-Jun-2015 CVE-2015-4080
PS1 CVE-2014-8446 – Adobe Acrobat/Reader – Memory Corruption 15-May-2014 09-Dec-2014 CVE-2014-8446

All Blogs ›  Latest Blogs

16/06/2021
arjun

MineSweeper, with no luck - An Introductory blog to Reverse Engineering
02/06/2021
farid

Thick Client Penetration Testing Approach
02/06/2021
gaurav

Exploiting open redirect - Whitelist bypass using Salesforce environment

All News ›  Latest News

Webinar, Online
28-May-2021

Hrushikesh Kakade will be giving a talk on “Introduction to Red Team Assessments: Enumeration.”
Webinar, Online
30-April-2021

Yashodhan Mandke will be giving a talk on “Securing your IoT Products with Security Compliance Standards.”
Session, Online
09-April-2021

Aseem Jakhar will be speaking at the Dynamic CISO Session on the topic IOT: New Frontier, New Threats.