
Hossein Lotfi
@hosselot
Vulnerability researcher at ZDI (views are my own). Check #hosselot_tips for vulnerability research tips. 'A machine never faults. It reflects human's faults.'
North
Joined October 2012
RT @TheZDIBugs: [ZDI-25-304|CVE-2025-31251] Apple macOS JPEG Image Decoding Out-Of-Bounds Write Remote Code Execution Vulnerability (CVSS 8….
RT @TheZDIBugs: [ZDI-25-298|CVE-2025-31233] Apple macOS MP4 File Parsing Memory Corruption Remote Code Execution Vulnerability (CVSS 8.8; C….
The fix for #Pwn2Own Mozilla Firefox JIT compiler vulnerability when optimizing linear sums (CVE-2025-4921 [1966614]):
Second hit: Mozilla Firefox pwned again at first attempt and in just a few seconds using an integer overflow vulnerability by Manfred Paul.
The fix for #Pwn2Own Mozilla Firefox Out-of-bounds access vulnerability when resolving Promise objects (CVE-2025-4920 [1966612]):
Second hit: Mozilla Firefox pwned again at first attempt and in just a few seconds using an integer overflow vulnerability by Manfred Paul.
There are two browser entries at #Pwn2Own Berlin 2025 both targeting "Mozilla Firefox". Let's see if it can be pwned.
First blood: Mozilla Firefox pwned at first attempt (in less than 2 seconds) using an out-of-bounds write vulnerability by Edouard Bochin (@le_douds) and Tao Yan (@Ga1ois) from Palo Alto Networks.
There are two browser entries at #Pwn2Own Berlin 2025 both targeting "Mozilla Firefox". Let's see if it can be pwned.
Details of macOS sips ICC profile parsing Out-Of-Bounds write vulnerability (CVE-2024-44236):
An analysis of CVE-2024-44236 - an RCE in macOS due to the lack of proper validation of “lutAToBType” and “lutBToAType” tag types. Read the details, see the source code review, and get detection guidance at
1 vulnerability in Apple December 2024 security releases:
CVE-2024-54486: information disclosure in FontParser.
8 vulns in Apple October 2024 security releases:
sips:
CVE-2024-44236: RCE
CVE-2024-44237: RCE
CVE-2024-44279: info disc
CVE-2024-44281: info disc
CVE-2024-44283: info disc
CoreText:
CVE-2024-44240: info disc
CVE-2024-44302: info disc
Foundation:
CVE-2024-44282: info disc
Google Chrome In-The-Wild memory corruption vulnerability in V8 (CVE-2024-7965 [356196918]) bug entry is now open with a PoC:
Chrome 128.0.6613.84 also fixed another In-The-Wild vulnerability in V8 (CVE-2024-7965 [356196918]) which happens within the compiler due to not clearing phi_states_ data from previous calls to ZeroExtendsWord32ToWord64:
Mozilla fixed an almost similar ITW use-after-free vulnerability in Firefox several years ago (CVE-2016-9079). It happens during SVG animation handling with no JS callback involved! A nice write-up by Rapid7: Mozilla bug entry:
The fix for Mozilla Firefox In-The-Wild use-after-free vulnerability in Animation timeline (CVE-2024-9680 [1923344]):