Out-of-Bounds Memory Access in macOS libmacho.dylib Overview A security vulnerability has been identified in macOS’s libmacho.dylib library. The bug allows an attacker to cause an out-of-bounds memory access through a specially crafted Mach-O fat binary… Read More »RESEARCH – 2025-43254
Have you ever tried to build furniture and somehow you got more (or less) parts than what you’d expect. You end up with a tiny stick of wood and 3 screws and your furniture seems… Read More »Beyond the Black Box – Engineering AI for Complex Security Analysis
V8 Turboshaft Load Elimination Type Confusion Vulnerability (CVE-2024-6773)Exploitable Memory Corruption via Garbage Collection Race Condition Executive Summary A critical type confusion vulnerability (CVE-2024-6773) was discovered in V8’s Turboshaft compiler optimization pipeline. The flaw allowed stale… Read More »RESEARCH – CVE-2024-6773 – Type confusion in v8
Harnessing Libraries for Effective Fuzzing Intro Every security researcher or fuzzer enthusiast dreams of a program that takes a file as input, achieves deep coverage, and executes with lightning speed. Unfortunately, in the real world,… Read More »The Art of Fuzzing: Harnessing Libraries for Effective Fuzzing
Buffer Overflow in GNU Binutils objdump tekhex Parser Description A buffer overflow vulnerability exists in GNU Binutils’ objdump utility when processing tekhex format files. The vulnerability occurs in the Binary File Descriptor (BFD) library’s tekhex… Read More »RESEARCH – OBJDUMP -CVE-2024-53589
Last summer I decided to look into fuzzing 7zip. I gathered an interesting corpus of archive file with all 7z supported formats and started a fuzzing campaign with AFL++. After a few days of running,… Read More »RESEARCH – 7zip – CVE-2024-11612
Author: 2ourc3 Introduction Today we are gonna dive into grey-box fuzzing by testing closed source Windows binaries. This type of fuzzing allows one to fuzz a target without having access to its source code. Why… Read More »The art of fuzzing: Windows Binaries
This fuzzing introduction cover all the essentials one should know about the art of fuzzing. It explain major concept and illustrate it with and hands-on exercise the reader can follow. In conclusion some hints are given on how to hunt for bugs with fuzzing