Fermium-252 : The Cyber Threat Intelligence Database
Fermium-252 is a comprehensive vulnerability database platform preparing our clients for the state-sponsored cyber attacks by providing advanced intelligence and accurate security countermeasures.
The name comes from the element Fermium, where one of its radioactive isotopes has a half-life of 25.39 hours (almost 24 hours, aka 1-day). Hence, in Fermium-252, we tackle 1-day vulnerabilities that are discovered every month.
Since its launch in 2019, Fermium has been at the forefront of cybersecurity innovation, offering unparalleled insights into vulnerabilities within a few days of their emergence. We offer a curated library of 463 in-depth vulnerability reports, meticulously researched and validated, complete with Proof of Concept (PoC) codes for 461 of them. Impressively, 278 of these PoCs were disclosed exclusively on Fermium before their public release, underscoring our commitment to providing our customers with unique and valuable intelligence. Among these, 230 reports include working exploit codes tailored for testing, offering a practical edge in cybersecurity offense and defense.
Initially, Fermium-252 carved its niche by concentrating on desktop environment vulnerabilities, such as browsers and operating systems, with a keen focus on vulnerabilities commonly used in state-sponsored attacks. This strategic choice stems from our deep understanding of the cybersecurity landscape and our dedication to safeguarding our clients against sophisticated threats. As we evolve, we’re broadening our horizons to encompass a wider array of targets, ensuring our customers receive the most comprehensive protection available.
The graph below showcases the scope of Fermium-252’s impact and target diversity, illustrating our pivotal role in enhancing your cybersecurity posture. Join us in our mission to stay one step ahead of cyber threats and secure your digital frontier with Fermium’s cutting-edge intelligence.
Contents in reports
A Fermium report includes sections on overview, technical details, exploitation, and mitigation.
The overview section offers insights into the vulnerability, detailing its description, impact, and any information available to the public. This section serves as a comprehensive source for general information. The technical details section stands out as a crucial element of the report, delivering in-depth background information, an analysis of the root cause, and an evaluation of the patch. In the exploitation section, you will find both the Proof of Concept (PoC) and exploit code (if available), accompanied by a thorough explanation. Finally, the mitigation section presents information on relevant patches and updates.
To give you an idea of our work, we have included a partial catalog of Fermium reports from the past two years.
Fermium ID | CVE Number | Title | Remarks |
|---|---|---|---|
FM-2022-0059 | CVE-2022-42432 | Linux Kernel nftables Uninitialized Variable Information Disclosure Vulnerability | |
FM-2022-0064 | CVE-2022-38050 | Microsoft Windows Windows Desktop Manager CInjectionAnimation Heap Overflow Vulnerability | |
FM-2022-0076 | CVE-2022-41128 | Microsoft Jscript9 JIT OptArraySrc Type Confusion Vulnerability | In-The-Wild |
FM-2022-0079 | CVE-2022-0000 | Microsoft Teams Desktop pluginHost Sandbox Escape Vulnerability | Pwn2Own |
FM-2023-0003 | CVE-2023-21674 | Windows ALPC Message WaitingThread Dangling Pointer Elevation of Privilege Vulnerability | In-The-Wild |
FM-2023-0010 | CVE-2022-20452 | Android LazyValue negative object length unvalidate vulnerability | |
FM-2023-0015 | CVE-2022-22047 | Microsoft Windows Client Server Run-time Subsystem (CSRSS) Cache Poisoning Elevation of Privilege Vulnerability | In-The-Wild |
FM-2023-0019 | CVE-2023-28218 | Microsoft Windows Ancillary Function Driver for WinSock Double Fetch Elevation of Privilege Vulnerability | |
FM-2023-0023 | CVE-2023-21542 | Microsoft Windows Installer Service Icon Create Elevation of Privilege by TOCTOU | |
FM-2023-0024 | CVE-2023-21092 | Android Registering Broadcast Receiver Permission Bypass Vulnerability | |
FM-2023-0027 | CVE-2023-21991 | Oracle VirtualBox VGA MMIO Handling Out-Of-Bounds Read Information Disclosure Vulnerability | |
FM-2023-0028 | CVE-2023-20870 | VMware Workstation VBluetooth Uninitialized Variable Information Disclosure Vulnerability | Pwn2Own |
FM-2023-0032 | CVE-2023-20869 | VMware Workstation VBluetooth SDP Stack Buffer Overflow Vulnerability | Pwn2Own |
FM-2023-0033 | CVE-2023-3269 | Linux Kernel Memory Management Race Condition Vulnerability | kCTF |
FM-2023-0035 | CVE-2023-21987 | Oracle VirtualBox TPM MMIO Handling Stack-based Buffer Overflow Vulnerability | Pwn2Own |
FM-2023-0039 | CVE-2023-27997 | Fortigate Heap buffer overflow in sslvpn pre-authentication | |
FM-2023-0040 | CVE-2023-31248 | Linux Kernel Netfilter Subsystem nft_chain_lookup_byid Use-After-Free Vulnerability | |
FM-2023-0042 | CVE-2023-35320 | Microsoft Windows Diagtrack Service Arbitrary File Creation Elevation of Privilege Vulnerability | |
FM-2023-0045 | CVE-2023-2033 | Google Chrome Type confusion in V8 Stack trace API | In-The-Wild |
FM-2023-0046 | CVE-2023-3079 | Google Chrome Improper Inline Cache Handler for JSStrictArgumentsObject Hole Leak Vulnerability | In-The-Wild |
FM-2023-0049 | CVE-2023-38831 | RARLAB WinRAR Invalid File Path Validation Remote Code Execution Vulnerability | In-The-Wild |
FM-2023-0050 | CVE-2023-36802 | Microsoft Windows Streaming Service mskssrv Driver Type Confusion Vulnerability | In-The-Wild |
FM-2023-0051 | CVE-2023-36874 | Microsoft Windows Error Reporting Service Elevation of Privilege Vulnerability | In-The-Wild |
FM-2023-0055 | CVE-2023-34044 | VMware Workstation VBluetooth Class Request Information Disclosure Vulnerability | |
FM-2023-0056 | CVE-2023-4762 | Google Chrome Type Confusion in V8 | In-The-Wild |
FM-2023-0062 | CVE-2023-0000 | Google Chrome Type Confusion in V8 | v8CTF |
FM-2023-0064 | CVE-2023-22098 | Oracle VirtualBox VirtIO-Net Heap Out-Of-Bound Write Vulnerability | |
FM-2023-0069 | CVE-2023-36033 | Windows Desktop Windows Manager CKeyframeAnimation Untrusted Pointer Reference Elevation of Privilege Vulnerability | In-The-Wild |
FM-2023-0070 | CVE-2023-36036 | Microsoft Windows Cloud Files Mini Filter Driver HsmpRpCommitNoLock Buffer Overflow Vulnerability | In-The-Wild |
FM-2024-0001 | CVE-2024-0517 | Google Chrome Out-of-Bounds Write in V8 | v8CTF |
ferm1.md hosted with ❤ by GitHub
We have also covered several (in)famous, critical issues as well.
Fermium ID | CVE Number | Information | Remarks |
|---|---|---|---|
FM-2019-0033 | CVE-2019-0708 | Microsoft Windows Remote Desktop Services IcaBindVirtualChannels Use-After-Free Vulnerability | a.k.a BlueKeep |
FM-2020-0007 | CVE-2020-0601 | Microsoft Windows Crypto API Elliptic Curve Certificate Spoofing Vulnerability | a.k.a CurveBall |
FM-2020-0027 | CVE-2020-0796 | Microsoft SMBv3 Compression Integer Overflow Out-Of-Bounds Write Vulnerability | a.k.a CoronaBlue / SMBGhost |
FM-2020-0092 | CVE-2020-1472 | Microsoft Windows Netlogon Elevation of Privilege Vulnerability | a.k.a ZeroLogon |
FM-2021-0074 | CVE-2021-41773 | Path Traversal and Remote Code Execution in Apache HTTP Server | Apache Path Traversal |
FM-2021-0089 | CVE-2021-44228 | Apache log4j-core (Log4j2) Remote Code Execution Vulnerability | a.k.a log4j2 |
FM-2022-0061 | CVE-2021-34527 | Microsoft Windows Print Spooler Remote Code Execution Vulnerability | a.k.a PrintNightmare |
FM-2023-0033 | CVE-2023-3269 | Linux Kernel Memory Management Race Condition Vulnerability | a.k.a StackRot |
FM-2023-0039 | CVE-2023-27997 | Fortigate Heap buffer overflow in sslvpn pre-authentication | Fortigate VPN RCE |
ferm2.md hosted with ❤ by GitHub
Fermium-252 empowers you to stay ahead of the ever-evolving threat landscape by continuously tracking the latest vulnerabilities. Our repository of working PoCs and exploit codes assists you in identifying at-risk assets with precision. Moreover, our extensive collection of reports serves as a valuable resource for acquiring in-depth knowledge about vulnerabilities, enhancing your security posture.
Unlock the power of proactive security and safeguard your business. Contact us at contacts@theori.io.
🔵 website: https://theori.io ✉️ vr@theori.io
