Nafiez

Interested in x86 Reverse Engineering and Vulnerability Research.

Security Research

  1. (0-Day?) Hancom Word Out-of-Bounds Read Vulnerability » 26 May 2021
  2. CVE-2020-25290 - Nitro Pro PDF JBIG2 Image Decoders Out-of-Bounds Write Vulnerability » 18 Sep 2020
  3. CVE-2020-25291 - Kingsoft WPS Office Remote Heap Corruption Vulnerability » 03 Sep 2020
  4. hide.me VPN Windows Client Privilege Escalation Vulnerability » 26 Aug 2020
  5. CVE-2020-25289 - AVAST SecureLine VPN - Arbitrary File Creation Vulnerability » 21 Jul 2020
  6. Nitro Pro 13 - From Fuzzing to Multiple Heap Corruption (CVE-2020-10222 & CVE-2020-10223) » 05 Mar 2020
  7. Nitro PDF 12 - Multiple Remote Code Execution Vulnerability » 12 Dec 2019
  8. (0-Day) Kyrol Internet Security (2015) - kyrld.sys Driver Invalid Pointer Vulnerability » 04 Dec 2019
  9. POC Conference 2019 - Hunting Vulnerability of Antivirus product » 22 Nov 2019
  10. (0-Day) Kyrol Internet Security (2015) - Multiple Vulnerability » 19 Nov 2019
  11. (0-Day) Kyrol Internet Security (2015) - Multiple Vulnerability in Kernel Driver » 16 Nov 2019
  12. (MSRC Case 54347) Microsoft Windows Service Host (svchost) - Elevation of Privilege » 05 Nov 2019
  13. CVE-2019-15512 - Total Defense Antivirus - Elevation of Privilege (Arbitrary File Creation) Vulnerability » 25 Aug 2019
  14. G Data Total Security - ACLs Bypass Vulnerability » 12 Mar 2019
  15. Emsisoft Anti-Malware - ACLs Bypass » 08 Jan 2019
  16. Microsoft Edge - Out-of-Memory Error Issue (MSRC Case 47790) » 02 Jan 2019
  17. Microsoft Windows win32k.sys - Invalid Pointer Vulnerability (MSRC Case 48212) » 09 Nov 2018
  18. NanoSec Conference 2018 (KUL) - Exploitation Era: Past, Present and Future » 20 Oct 2018
  19. Adobe Flash ActiveX - NULL Pointer Dereference » 25 Sep 2018
  20. HITB GSEC 2018 - Software Security Era: Past, Present and Future » 20 Sep 2018