CVE-2021-33318 IpMatcher v1.0.4.1 and below for .NET Core 2.0 and .NET Framework 4.5.2. incorrectly validates octal & hexadecimal input data, leading to indeterminate SSRF, LFI, RFI, and DoS vectors. 2022-05-15T20:34:14
AMD Epyc/Threadripper, Photoshop on Wine: Unhandled exception: page fault on write access to 0x200a2c6c in 32-bit code (0x0aa97a97). Too many Logical Cores 2022-11-26T15:10:51
Live in Canada – Sick Codes presenting @ CAAIN.CA Canadian agri-food innovation January 10, 2023: “Real Farm Hacking: Tips & Tricks” 2022-11-25T18:41:57
Sick Codes will be speaking at Free Software Foundation (FSF) LibrePlanet 2023: The State ofFree Software in Agriculture 2023-03-11T19:20:37
CVE-2022-35414 – QEMU 4.1.50 through QEMU 7.0.0 – address_space_translate_for_iotlb allows a guest user to crash a host resulting in a denial of service. 2022-07-11T03:52:21
CVE-2022-36123 – A vulnerability in Linux kernel mainline v5.18-rc1 through v5.19-rc6 does not clear statically allocated variables in the block starting symbol (.bss) due to a failed early_xen_iret_patch leading to an asm_exc_page_fault, or arbitrary code execution 2022-07-29T01:57:01
Live Event: Sick Codes presenting @ Automotive Cybersecurity Conference by Automotive-IQ: “Research on the Stellantis Platform” Santa Clara Marriott Hotel, CA, October 25 – 27, 2022 2022-10-18T23:13:23
Sick Codes Presenting @ Microsoft BlueHat 2023 – February 8-9th 2023 in Redmond, WA 2023-01-18T14:39:57
CVE-2022-28345 – Signal client for iOS version 5.33.2 and below are vulnerable to RTLO Injection URI Spoofing using malicious URLs such as gepj.net/selif#/moc.elpmaxe which would appear as example.com/#files/ten.jpeg 2022-04-14T17:08:09
Sick Codes is speaking @ EcoMotion Week (Tel Aviv, Israel) May 22-24 2023, Main Stage && C2A Security’s side-event! 2023-05-04T12:43:38
Sick Codes Speaking LIVE in-person @ Hardwear.io USA 9-10th June 2022: Supply Chain Level 0: Grinding Tractors to a Halt – Growing Pains in Agricultural Hardware Security 2022-05-16T18:47:24