A weekly podcast for bounty hunters, exploit developers or anyone interesting in the details of the
Is the compiler make exploitation easier, these divergent representations seem to do so. We also loo
A Pixel Lockscreen bypass and some discussion about dupes in bug bounty, then a long RCE chain, and
A lot of discussion about the OpenSSL vulnerability, fuzzing and exploitation. Then into a RCE in XM
Several slightly weird issues this week, a reentrancy attack abusing a read-only function, SSRF and
Kicking off the week with a look at Apple's new security blog and the kalloc_type introduced into XN
Several simple bugs with significant impacts, XSS to being able to install apps, CSRFing via a Captc
A few issues this week, including an overflow in SHA-3, yet another io_uring bug, and multiple (ques
Several fun issues this week, from a Cobalt Strike RCE, a couple auth bypasses, and stanza smuggling
We've got a few interesting vulns, a blind format string attack, Windows kernel int overflow, and a
This week we look at a insecure deserialization (GitLab), argument injection (Packagist), and insecu
Just a couple issues this week and a discussion about why you should look at old vulnerabilities and
No actual bounties this week, but we start off with a discussion on semgrep vs codeql, then get into
Starting off with some discussion about XOM and CFI on the PS5 and how it impacts exploitation. Then
Had some varied issues this week, a file format allowing JScript for a $20,000 bounty, Akamai Cache
Starting off with meme vulnerabilities in UNISOC BootROMs, and ending with a discussion about
Discussion this week around Chrome's Sanitizer API, and bypassing firewalls with webhooks and 0days
This week we've got some summer highlights: the impact of MTE on Android, an iOS vuln and some
We are back at it, covering some write-ups and exploits we found interesting this summer. From
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/
