Co-Pain

Hi there, I'm having a problem with an app i am designing, wondering if someone more knowledgable than myself can help.

Contribute to diotro/maestro development by creating an account on GitHub.

Contribute to googleprojectzero/iOS-messaging-tools development by creating an account on GitHub.

Kubernetes application deployments for restricted, regulated or remote environments. - gravitational/gravity

Contribute to LinusHenze/WebKit-RegEx-Exploit development by creating an account on GitHub.

Posted by James Forshaw, Taker of Names Sometimes when I'm doing security research I'll come across a bug which surprises me. I discove...

Posted by Ian Beer A couple of weeks ago Apple released OS X 10.9.5 and iOS 8 which fixed a number of sandbox escapes and privilege es...

Posted by Ian Beer TL;DR An OS X GPU driver trusted a user-supplied kernel C++ object pointer and called a virtual function. The I...

Posted by Stephen Röttger, Time Lord [Foreword by Chris Evans: this post by Stephen represents the first Project Zero guest blog post. ...

Posted by James Forshaw currently impersonating NT AUTHORITY\SYSTEM. Much as I enjoy the process of vulnerability research sometimes th...

Rowhammer blog post (draft) Posted by Mark Seaborn, sandbox builder and breaker, with contributions by Thomas Dullien, reverse en...

Posted by Natalie Silvanovich, Collision Investigator and (Object) Field Examiner CVE-2015-0336 is a type confusion vulnerability in the AS...

Posted by James Forshaw, giving the security community a shoulder to cry on. TL;DR; this blog post describes an unfixed bug in Windows...

Guest posted by Ivan Fratric, spraying 1TB of memory The ability to place controlled content to a predictable location in memory can be ...

Posted by Natalie Silvanovich, Planner of Bug Bashes Recently, Project Zero researched a popular Android phone, the Samsung Galaxy S6 E...

Posted by Tavis Ormandy, Security Research Over-Engineer. “Sometimes, hacking is just someone spending more time on something than anyo...

Posted by Ian Beer, Project Zero In the earlier posts we examined how the attackers gained unsandboxed code execution as root on iPhone...

Posted by Ned Williamson, 20% on Project Zero Introduction I have a somewhat unique opportunity in this writeup to highlight my experie...

Posted by Samuel Groß, Project Zero Introduction This is the first blog post in a three-part series that will detail how a vulnerability...

Posted by Samuel Groß, Project Zero This post is the second in a series about a remote, interactionless iPhone exploit over iMessage.The f...

Posted by Samuel Groß, Project Zero This is the third and last post in a series about a remote, interactionless iPhone exploit over iMessa...

Posted by Samuel Groß, Project Zero This blog post discusses an old type of issue, vulnerabilities in image format parsers, in a new(er)...

We are proud to present the TAMODIA 2006 proceedings. In 2006, the TA- MODIA workshop celebrated its ?fth anniversary. TAMODIA is an obscure acronym that stands for TAsk MOdels and DIAgrams for user i

SIMATIC S7-1200 controllers are the intelligent choice for compact automation solutions with extended communication options and integrated technology functions. They are available in standard and failsafe versions.

Today I'm happy to release new research I've been working on for a while: 0-click RCE via MMS in all modern Samsung phones (released 2015+), due to numerous bugs in a little-known custom "Qmage" image codec supported by Skia on Samsung devices. Demo: https://t.co/8KRIhy4Fpk— j00ru//vx (@j00ru) May 6, 2020