Advisories archive

Introduction Network-attached storage devices allow multiple users and heterogeneous client devices to retrieve data from centralized disk capacity. These NAS stations are a […]

IntroductionSince 2014, Intel is dominating the PC market as the leading graphics chip vendor worldwide with ~70% market share. With this overwhelming amount […]

Introduction Since 2014, Intel is dominating the PC market as the leading graphics chip vendor worldwide with ~70% market share. With this overwhelming […]

Introduction: Each year, as part of TyphoonCon; our All Offensive Security Conference, we are offering cash prizes for vulnerabilities and exploitation techniques found. […]

Vulnerability Summary When an admin accesses the Administrator Control Panel (ACP) in phpBB, a leftover session id GET parameter is present in the […]

Vulnerability Summary The following advisory describes a Stored XSS Vulnerability found in Fortinet’s Fortigate Firewall(FortiOS) via an unauthenticated DHCP packet. CVE CVE-2019-6697 Credit […]

Vulnerability Summary The following advisory describes a Pre-Auth Integer Overflow in the XMSS Key Parsing Algorithm in OpenSSH. CVE CVE-2019-16905 Credit An independent […]

During TyphoonCon 2019 we held an open contest which involved a specially crafted binary program we provided. The goal of the contest was […]

Vulnerability summary The crosscall FilesystemDispatcher::NtOpenFile can leak an uninitialized handle value to a renderer due to an incorrect return value in FileSystemPolicy::OpenFileAction. The […]

Vulnerability Summary A use-after-free vulnerability exists in Adobe Acrobat Reader DC, which allows attackers execute arbitrary code with the privileges of the current […]