POSTS

Running iOS in QEMU to an interactive bash shell (1): tutorial
By Jonathan Afek,
17-Jun 2019
,
It takes only one StackOverflowException to bring down an Application deployed on IIS
By Gil Mirmovitch,
22-Oct 2018
,
CVE-2018-8269
ALEPH-2018002
ALEPH-2018003
ALEPH-2018004
ALEPH-2018005
ALEPH-2018006
Overcoming (some) Spectre browser mitigations
By Noam Hadad & Jonathan Afek,
26-Jun 2018
,
ALEPH-2018000
Exploiting Qualcomm EDL Programmers (5): Breaking Nokia 6's Secure Boot
By Roee Hay & Noam Hadad,
22-Jan 2018
,
QPSIIR-909
ALEPH-2017029
CVE-2017-13174
CVE-2017-5947
Exploiting Qualcomm EDL Programmers (4): Runtime Debugger
By Roee Hay & Noam Hadad,
22-Jan 2018
,
QPSIIR-909
ALEPH-2017029
CVE-2017-13174
CVE-2017-5947
Exploiting Qualcomm EDL Programmers (3): Memory-based Attacks & PBL Extraction
By Roee Hay & Noam Hadad,
22-Jan 2018
,
QPSIIR-909
ALEPH-2017029
CVE-2017-13174
CVE-2017-5947
Exploiting Qualcomm EDL Programmers (2): Storage-based Attacks & Rooting
By Roee Hay & Noam Hadad,
22-Jan 2018
,
QPSIIR-909
ALEPH-2017029
CVE-2017-13174
CVE-2017-5947
Exploiting Qualcomm EDL Programmers (1): Gaining Access & PBL Internals
By Roee Hay & Noam Hadad,
22-Jan 2018
,
QPSIIR-909
ALEPH-2017029
CVE-2017-13174
CVE-2017-5947
Untethered initroot (USENIX WOOT '17)
By Roee Hay,
30-Aug 2017
,
CVE-2016-10277
A-62345923
Nexus 9 vs. Malicious Headphones, Take Two
By Roee Hay,
13-Jun 2017
,
CVE-2017-0648
CVE-2017-0510
CVE-2017-0563
CVE-2017-0582
initroot: Hello Moto
By Roee Hay,
07-Jun 2017
,
CVE-2016-10277
initroot: Bypassing Nexus 6 Secure Boot through Kernel Command-line Injection
By Roee Hay,
23-May 2017
,
CVE-2016-10277
CVE-2017-1000363
OnePlus OTAs: Analysis & Exploitation
By Roee Hay,
11-May 2017
,
CVE-2017-5948
CVE-2017-8850
CVE-2017-8851
CVE-2016-10370
Owning OnePlus 3/3T with a Malicious Charger: The Last Piece of the Puzzle
By Roee Hay,
26-Mar 2017
,
CVE-2017-5622
CVE-2017-5626
CVE-2017-5624
Attacking Nexus 9 with Malicious Headphones
By Roee Hay,
08-Mar 2017
,
CVE-2017-0510
CVE-2017-0563
CVE-2017-0582
Owning a Locked OnePlus 3/3T: Bootloader Vulns
By Roee Hay,
08-Feb 2017
,
CVE-2017-5626
CVE-2017-5624
Attacking Nexus 6/6P Custom Boot Modes
By Roee Hay & Michael Goberman,
05-Jan 2017
,
CVE-2016-8467
CVE-2016-6678

VULNS

10/22/18

ALEPH-2018006
Potential DOS vulnerability in WCF services
10/22/18

ALEPH-2018005
Potential DOS vulnerability in applications that use ASP.NET Web API
10/22/18

ALEPH-2018004
Applications that use Newtonsoft.Json might be exposed to DOS vulnerability
10/22/18

ALEPH-2018003
DOS vulnerability in Azure Active Directory Graph API
10/22/18

ALEPH-2018002
DOS Vulnerability in SharePoint 2016 Server
10/22/18

CVE-2018-8269
OData Denial of Service Vulnerability
01/22/18

ALEPH-2017029
Nokia 6/5 EDL triggering through USB
01/22/18

QPSIIR-909
Qualcomm EDL Firehose Programmers Peek and Poke Primitives
01/22/18

CVE-2017-13174
Google Nexus 6 & 6P EDL triggering through ADB
01/22/18

CVE-2017-5947
OnePlus EDL triggering through ADB or Hardware Key Combination
01/09/18

CVE-2017-0829
Motorola Bootloader Old UTAGs may lead to Kernel Command-line Injection
08/30/17

A-62345923
Motorola Android Bootloader Unlocking a Re-locked Bootloader from Platform OS
08/01/17

CVE-2017-11105
OnePlus 2 Lack of SBL1 Validation Broken Secure Boot
06/13/17

CVE-2017-0648
Google Nexus 9 Ephemeral Access to Unrestricted FIQ Debugger and SysRq
05/25/17

ALEPH-2017017
Apple iOS/watchOS/tvOS IOKit Buffer Overflow in Device-Tree Parsing
05/23/17

CVE-2017-1000363
Linux lp.c Out-of-Bounds Write via Kernel Command-line
05/23/17

CVE-2016-10277
Motorola Android Bootloader Kernel Cmdline Injection Secure Boot Bypass
05/11/17

CVE-2016-10370
OnePlus OTA Lack of TLS Vulnerability
05/11/17

CVE-2017-8851
OnePlus OTA One/X Crossover Vulnerability
05/11/17

CVE-2017-8850
OnePlus OTA OxygenOS/HydrogenOS Crossover Vulnerability
05/11/17

CVE-2017-5948
OnePlus OTA Downgrade Vulnerability
05/04/17

CVE-2017-0582
Google Nexus 9 SensorHub Firmware Downgrade Vulnerability
05/03/17

CVE-2017-0563
Google Nexus 9 Cypress SAR Firmware Injection via I2C