Hossein Lotfi: Senior Vulnerability Researcher at Zero Day Initiative

  1. CVE-2023-38600: STORY OF AN INNOCENT APPLE SAFARI COPYWITHIN GONE (WAY) OUTSIDE


  2. BUT YOU TOLD ME YOU WERE SAFE: ATTACKING THE MOZILLA FIREFOX SANDBOX (PART 2)


  3. BUT BUT YOU TOLD ME YOU WERE SAFE: ATTACKING THE MOZILLA FIREFOX RENDERER (PART 1)


  4. CVE-2022-26381: GONE BY OTHERS! TRIGGERING A UAF IN FIREFOX


  5. EXPLOITATION OF CVE-2021-21220 – FROM INCORRECT JIT BEHAVIOR TO RCE


  6. UNDERSTANDING THE ROOT CAUSE OF CVE-2021-21220 – A CHROME BUG FROM PWN2OWN 2021


  7. TWO BIRDS WITH ONE STONE: AN INTRODUCTION TO V8 AND JIT EXPLOITATION


  8. CVE-2021-31969: UNDERFLOWING IN THE CLOUDS


  9. SYNCING OUT OF THE FIREFOX SANDBOX


  10. THE LEFT BRANCH LESS TRAVELLED: A STORY OF A MOZILLA FIREFOX USE-AFTER-FREE VULNERABILITY


  11. THE STORY OF TWO WINNING PWN2OWN JIT VULNERABILITIES IN MOZILLA FIREFOX


  12. Microsoft Windows "LoadUvsTable()" Heap-based Buffer Overflow Vulnerability


  13. A Look into Microsoft Windows usp10.dll "GetFontDesc()" Integer Underflow Vulnerability


  14. Yet Another Windows GDI Story - MS15-035


  15. In Memory of a Zero-day - MS13-051