2011

Integer overflow in ImageIO in Apple Mac OS X before 10.6.7 via a crafted XBM image (CVE-2011-0181) [Sample]

Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X before 10.6.8 via a crafted embedded TrueType font (CVE-2011-0198) [Sample]

Off-by-one error in the CoreFoundation framework in Apple Mac OS X before 10.6.8 via a CFString object (CVE-2011-0201) [Sample]

Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 via a crafted JPEG2000 image (CVE-2011-0205) [Sample]

Heap memory corruption in VLC (VideoLAN) via crafted USF subtitles in an MKV file (CVE-2011-0522)

2013

Hackabi (Matriculation Examination Board hacking contest) submission (CVE-2013-1446)

2014

ASUS router drive-by code execution via XSS and authentication bypass (CVE-2014-1225 et all) [PoC]

OS X Lock Screen Race Condition Security Vulnerability (CVE-2014-4438) [Video]

2015

QNAP QTS weak sessionid generation

2016

SilverCrest SWS-A1 Wi-Fi Power Socket multiple vulnerabilities (video)

Serious security threat in AfterPay bracelet payment

Inteno router CWMP Certificate Validation Vulnerability

Unauthenticated Remote Code Execution as root in NovaBACKUP DataCenter (Hiback) (CVE-2016-4898, CVE-2016-4899)

POINTYFEATHER / tar extract pathname bypass (CVE-2016-6321) [PoC]

Multiple Vulnerabilities (including RCE as root) in QNAP QTS 4.2.x [slides] [video]

2017

Multiple Vulnerabilities (including unauthenticated RCE as root) in QNAP QTS 4.2.x (CVE-2017-6361, CVE-2017-6360, CVE-2017-6359)

Multiple Vulnerabilities (including authenticated RCE as root) in Foscam cameras (CVE-2018-19063, CVE-2018-19064, CVE-2018-19065, CVE-2018-19066, CVE-2018-19067, CVE-2018-19068, CVE-2018-19070, CVE-2018-19071, CVE-2018-19072, CVE-2018-19073, CVE-2018-19074, CVE-2018-19075, CVE-2018-19076, CVE-2018-19077, CVE-2018-19078, CVE-2018-19079, CVE-2018-19080, CVE-2018-19081 and CVE-2018-19082) (advisory)

Local Privilege Escalation to root in aws-cfn-bootstrap (CVE-2017-9450)

2018

Intel(R) Active Management Technology MEBx Bypass [video]

GNU Wget Cookie Injection (CVE-2018-0494)

MagniComp SysInfo Information Exposure (CVE-2018-7268)

foilChat sign up email PIN confirmation bypass

libcurl SASL password overflow via integer overflow (CVE-2018-16839)

2019

SCP client multiple vulnerabilities (CVE-2018-20685, CVE-2019-6111, CVE-2018-20684, CVE-2019-6109, CVE-2019-6110)

2020

D-Link DGS-1250 header injection vulnerability

2021

NiceHash Miner Excavator API Cross-Site Request Forgery

Datto Remote Monitoring and Management Local Privilege Escalation

libcurl schannel cipher selection surprise (CVE-2021-22897)

libcurl TELNET stack contents disclosure (CVE-2021-22898)

libcurl TLS session caching disaster (CVE-2021-22901)

libcurl Wrong content via metalink not discarded (CVE-2021-22922)

libcurl Metalink download sends credentials (CVE-2021-22923)

libcurl Bad connection reuse due to flawed path name checks (CVE-2021-22924)

libcurl CURLOPT_SSLCERT mixup with Secure Transport (CVE-2021-22926)

Ubiquity ...

2022

Microsoft Office 365 Message Encryption Insecure Mode of Operation

libcurl Credential leak on redirect (CVE-2022-27774)

libcurl Bad local IPv6 connection reuse (CVE-2022-27775)

libcurl Auth/cookie leak on redirect (CVE-2022-27776)

libcurl curl removes wrong file on error (CVE-2022-27778)

libcurl TLS and SSH connection too eager reuse (CVE-2022-27782)

libcurl Set-Cookie denial of service (CVE-2022-32205)

libcurl HTTP compression denial of service (CVE-2022-32206)

libcurl Unpreserved file permissions (CVE-2022-32207)

libcurl FTP-KRB bad message verification (CVE-2022-32208)

Apache Airflow Daemon Mode Insecure Umask Privilege Escalation (CVE-2022-38170)

2023

curl HSTS ignored on multiple requests (CVE-2023-23914)

curl HSTS amnesia with --parallel (CVE-2023-23915)

libcurl Telnet option IAC injection (CVE-2023-27533)

libcurl SFTP path ~ resolving discrepancy (CVE-2023-27534)

libcurl FTP too eager connection reuse (CVE-2023-27535)

libcurl GSS delegation too eager connection re-use (CVE-2023-27536)

libcurl SSH connection too eager reuse still (CVE-2023-27538)

libcurl siglongjmp race condition (CVE-2023-28320)

libcurl cookie mixed case PSL bypass (CVE-2023-46218)

...