...
...

Technical Advisory

Through sharp, technical and insightful analysis, the Payatu Team is constantly on the lookout for vulnerabilities and threats. This section exhibits a few of our findings.

Report ID Title Date CVE-ID
PS19 Microsoft Edge Elevation of Privilege Vulnerability 19/7/2019 CVE-2019-0678
PS18 Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability 19/07/2017 CVE-2017-10943
PS17 Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability 19/07/2017 CVE-2017-10944
PS16 Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability 19/07/2017 CVE-2017-10942
PS15 Foxit Reader – Uninitialized Memory – Arbitrary Write Vulnerability 19/07/2017 CVE-2017-10994
PS14 Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability 22/03/2017 CVE-2017-8454
PS13 Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability 22/03/2017 CVE-2017-8455
PS12 Out of Bounds Write Heap Buffer Google Chrome PDFium 22/03/2017 CVE-2017-5032
PS11 Foxit Reader Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability 21/03/2017 CVE-2017-8453
PS10 Adobe Reader Type Confusion - Memory Corruption Vulnerability 05/12/2016 CVE-2017-3038
PS9 Insecure Libray Loading 17/10/2016
PS8 Memory Corruption Mach-O 1 17/10/2016 CVE-2017-8774
PS7 Non-ASLR & DEP Modules 17/10/2016 CVE-2017-8776
PS6 OOB Write Heap Buffer dwCompressionSize MS-WIM 17/10/2016 CVE-2017-8773
PS5 Memory Corruption Mach-O 2 17/10/2016 CVE-2017-8775
PS4 OOB Write Stack Buffer LC_UNIXTHREAD.cmdsize Mach-O 17/10/2016 CVE-2017-5005
PS3 Microsoft Internet Explorer CDOMStringDataList::InitFromString Out-Of-Bounds Indexing Information Disclosure Vulnerability 09/12/2015 CVE-2015-6086
PS2 CVE-2014-8446 – Adobe Acrobat/Reader – Memory Corruption 28/06/2015 CVE-2014-8446
PS1 Hardcoded AES 256 bit key used in Kankun Smart socket and its mobile App 28/05/2015 CVE-2015-4080

Latest Blogs See all blog

Token Stealing with Windows Update KB4054518

05/07/2019
Blogger
Siddhant Badhe

Introduction of Tcache bins in Heap management

13/03/2019
Blogger
Gaurav Nayak

6 Must have tools for your iOS pentesting toolkit

22/02/2019
Blogger
Akansha Kesharwani

Latest news See all news

09-October-2019
Delhi, India

Sudhakar Verma and Krishnakant Patil will be delivering 2 days training on Reverse Engineering at NULLCON Delhi 2019.

09-August-2019
Las Vegas USA

We will be demonstrating our tool EXPLIoT: IoT Security Testing and Exploitation Framework at Defcon 27 Demo Labs track

08-August-2019
Las Vegas, USA

We will be demonstrating our tool EXPLIoT: IoT Security Testing and Exploitation Framework at BlackHat Arsenal track.