Services

Strategic security solutions for all industries, forged for your success.

Infra & Web SecuritySecurity ConsultingSTaaSXint
Blockchain SecurityChainLight Security AuditDigital Asset Risk TrackerRelic Protocol
Vulnerability ResearchFermium-252QueryX
Bug BountyPatchDay
EducationDreamhackDreamhack EnterpriseHiring CTF

About

We hack hackers and lead at the forefront of cybersecurity.

Awards & Achievements History

Newsroom

Explore Theori’s latest updates and breakthroughs.

News Vulnerability Disclosure Publications

Press Kit

Media Resources

Career

Join us in shaping new cybersecurity standards.

Culture Benefits
Career Open Positions FAQ

Contact

Vulnerability Disclosure

NumberTitleDate
CVE-2024-30085Windows Cloud Files Mini Filter Driver Elevation of Privilege VulnerabilityJun 11, 2024
CVE-2024-20882Out-of-bounds read vulnerability in bootloaderJun 04, 2024
CVE-2024-20880Stack-based buffer overflow vulnerability in bootloaderJun 04, 2024
CVE-2024-30033Windows Search Service Elevation of Privilege VulnerabilityMay 14, 2024
CVE-2024-22267 VMware Workstation and Fusion vbluetooth use-after-free vulnerability May 14, 2024
CVE-2024-22270VMware Workstation and Fusion HGFS information disclosure vulnerabilityMay 14, 2024
CVE-2024-26643Linux Kernel nf_tables: mark set as dead when unbinding anonymous set with timeoutMar 21, 2024
CVE-2023-52620Linux kernel nf_tables: disallow timeout for anonymous setsMar 21, 2024
CVE-2023-51779Linux kernel bluetooth socket UAFFeb 28, 2024
CVE-2023-51780Linux kernel atm socket UAFJan 11, 2024
CVE-2023-51782Linux kernel rose socket UAFJan 11, 2024
CVE-2023-51781Linux kernel appletalk socket UAFJan 11, 2024
CVE-2023-34044Vmware WorkStation Uninitialized Variable Information LeakOct 20, 2023
CVE-2023-40406Apple ColorSync Arbitrary File ReadSep 27, 2023
CVE-2023-32426An app may be able to gain root privileges in macOSSep 05, 2023
CVE-2023-4073Google Chrome ANGLE Out-of-Bounds Read VulnerabilityAug 02, 2023
CVE-2023-32050Windows Installer Elevation of Privilege VulnerabilityJul 11, 2023
CVE-2023-35320Connected User Experiences and Telemetry Elevation of Privilege VulnerabilityJul 11, 2023
CVE-2022-35757Windows Cloud Files Mini Filter Driver Elevation of Privilege VulnerabilityMay 31, 2023
CVE-2023-2929Out of bounds write in Swiftshader in Google ChromeMay 30, 2023
CVE-2023-27955An app may be able to read arbitrary filesMay 08, 2023
CVE-2023-32269there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socketMay 05, 2023
CVE-2023-31436qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.Apr 27, 2023
CVE-2023-28218Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityApr 11, 2023
CVE-2022-42432This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel 6.0-rc2Mar 29, 2023
ZDI-CAN-20717(Pwn2Own)UAF against Ubuntu DesktopMar 24, 2023
CVE-2023-1213Use after free in Swiftshader in Google ChromeMar 07, 2023
CVE-2023-1095In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object.Feb 28, 2023
CVE-2023-21760Windows Print Spooler Elevation of Privilege VulnerabilityJan 10, 2023
CVE-2023-21542Windows Installer Elevation of Privilege VulnerabilityJan 10, 2023
CVE-2022-4191Use after free in Sign-In in Google Chrome prior to 108.0.5359.Nov 29, 2022
CVE-2022-45919An issue was discovered in the Linux kernel through 6.0.10.Nov 26, 2022
CVE-2022-26717A use after free issue was addressed with improved memory managementNov 01, 2022
CVE-2022-3586A flaw was found in the Linux kernel’s networking codeOct 19, 2022
CVE-2022-38021 Connected User Experiences and Telemetry Elevation of Privilege Vulnerability.Oct 11, 2022
CVE-2022-3435A vulnerability classified as problematic has been found in Linux Kernel.Oct 08, 2022
CVE-2022-32912An out-of-bounds read was addressed with improved bounds checkingSep 20, 2022
CVE-2022-39190An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6Sep 02, 2022
CVE-2022-33649Microsoft Edge (Chromium-based) Security Feature Bypass VulnerabilityAug 05, 2022
CVE-2022-1479Use after free in ANGLE in Google ChromeJul 26, 2022
CVE-2022-22041Windows Print Spooler Elevation of Privilege VulnerabilityJul 12, 2022
CVE-2022-30162Windows Kernel Information Disclosure Vulnerability.Jun 15, 2022
CVE-2022-26722A memory initialization issue was addressed.May 26, 2022
CVE-2022-26748An out-of-bounds write issue was addressed with improved input validationMay 26, 2022
CVE-2022-26721A memory initialization issue was addressed.May 26, 2022
CVE-2022-24499Windows Installer Elevation of Privilege VulnerabilityApr 12, 2022
CVE-2022-24479Connected User Experiences and Telemetry Elevation of Privilege Vulnerability.Apr 12, 2022
CVE-2022-0792Out of bounds read in ANGLE in Google ChromeApr 04, 2022
CVE-2022-23284Windows Print Spooler Elevation of Privilege Vulnerability.Mar 09, 2022
CVE-2021-4066Integer underflow in ANGLE in Google ChromeDec 22, 2021
CVE-2021-38012Type confusion in V8 in Google ChromeDec 22, 2021
CVE-2021-43231Windows NTFS Elevation of Privilege VulnerabilityDec 15, 2021
CVE-2021-43207Windows Common Log File System Driver Elevation of Privilege VulnerabilityDec 15, 2021
CVE-2021-43226Windows Common Log File System Driver Elevation of Privilege VulnerabilityDec 15, 2021
CVE-2021-41370NTFS Elevation of Privilege VulnerabilityNov 09, 2021
CVE-2021-37980Inappropriate implementation in Sandbox in Google ChromeNov 02, 2021
CVE-2021-30626Out of bounds memory access in ANGLE in Google ChromeOct 08, 2021
CVE-2021-30628Stack buffer overflow in ANGLE in Google ChromeOct 08, 2021
CVE-2021-30743An out-of-bounds write was addressed with improved input validationSep 08, 2021
CVE-2021-31961Windows InstallService Elevation of Privilege VulnerabilityJul 14, 2021
CVE-2021-31187Windows WalletService Elevation of Privilege VulnerabilityMay 11, 2021
ZDI-CAN-13246Parallels Desktop virtio-net Memory Corruption Privilege Escalation VulnerabilityMar 24, 2021
CVE-2021-1640Windows Print Spooler Elevation of Privilege VulnerabilityMar 09, 2021
CVE-2021-26880Storage Spaces Controller Elevation of Privilege VulnerabilityMar 09, 2021
CVE-2021-26900Windows Win32k Elevation of Privilege VulnerabilityMar 09, 2021
CVE-2021-27965Buffer overflow that allows privilege escalation via a crafted 0x80102040, 0x80102044, 0x80102050, or 0x80102054 IOCTL request.Mar 04, 2021
CVE-2021-1695Windows Print Spooler Elevation of Privilege VulnerabilityJan 12, 2021
CVE-2021-1685Windows AppX Deployment Extensions Elevation of Privilege VulnerabilityJan 12, 2021
CVE-2021-1697Windows InstallService Elevation of Privilege VulnerabilityJan 12, 2021
CVE-2020-10007A malicious application may be able to determine kernel memory layout.Dec 08, 2020
CVE-2020-17010Win32k Elevation of Privilege VulnerabilityNov 10, 2020
CVE-2020-17014Windows Print Spooler Elevation of Privilege VulnerabilityNov 10, 2020
CVE-2020-17024Windows Client Side Rendering Print Provider Elevation of Privilege VulnerabilityNov 10, 2020
CVE-2020-17042Windows Print Spooler Remote Code Execution VulnerabilityNov 10, 2020
CVE-2020-17041Windows Print Configuration Elevation of Privilege VulnerabilityNov 10, 2020
CVE-2020-16005Insufficient policy enforcement in ANGLE in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.Nov 02, 2020
CVE-2020-27675drivers/xen/events/events_base.c allows event-channel removal during the event-handling loop (a race condition).Oct 22, 2020
CVE-2020-16919Windows Enterprise App Management Service Information Disclosure VulnerabilityOct 13, 2020
CVE-2020-25773A vulnerability in the Trend Micro Apex One ServerMigrationTool component could allow an attacker to execute arbitrary code on affected productsSep 28, 2020
CVE-2020-6545Use after free in audio in Google Chrom allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.Sep 21, 2020
CVE-2020-17402Allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4 (47270)Aug 25, 2020
CVE-2020-7822Heap-based overflow vulnerability, triggered when the user opens a malformed image file that is mishandled by Daview.exeAug 04, 2020
CVE-2020-7823Memory corruption vulnerability, triggered when the user opens a malformed image file that is mishandled by Daview.exe.Aug 04, 2020
CVE-2020-7827Use-After-Free vulnerability, triggered when the user opens a malformed specific file that is mishandled by Daview.exeJul 30, 2020
CVE-2020-7828Heap-based overflow vulnerability, triggered when the user opens a malformed specific file that is mishandled by Daview.exe.Jul 30, 2020
CVE-2020-7829Heap-based overflow vulnerability, triggered when the user opens a malformed specific file that is mishandled by Daview.exe.Jul 30, 2020
CVE-2020-6534Heap buffer overflow in WebRTC in Google Chrome allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.Jul 22, 2020
CVE-2020-7818Heap-based overflow vulnerability, triggered when the user opens a malformed PDF file that is mishandled by Daview.exeJul 17, 2020
CVE-2020-1405Windows Mobile Device Management Diagnostics Elevation of Privilege VulnerabilityJul 14, 2020
CVE-2020-1330Windows Mobile Device Management Diagnostics Information Disclosure VulnerabilityJul 14, 2020
CVE-2020-9839An application may be able to gain elevated privileges. (iOS, iPadOS, macOS, tvOS, watchOS)Jun 09, 2020
CVE-2020-9856An application may be able to gain elevated privileges. (Apple macOS)Jun 09, 2020
CVE-2020-9801A malicious process may cause Safari to launch an application.Jun 09, 2020
CVE-2020-9850 A remote attacker may be able to cause arbitrary code execution.Jun 09, 2020
CVE-2020-1078Windows Installer Elevation of Privilege VulnerabilityMay 12, 2020
CVE-2020-1081Windows Printer Service Elevation of Privilege VulnerabilityMay 12, 2020
CVE-2020-1154Windows Common Log File System Driver Elevation of Privilege VulnerabilityMay 12, 2020
CVE-2020-3839An application may be able to read restricted memory.Feb 27, 2020
theori-small-logo
ServicesSecurity ConsultingSTaaSXintChainLight Security AuditDigital Asset Risk TrackerRelic ProtocolFermium-252QueryXPatchDayDreamhackDreamhack EnterpriseHiring CTF
AboutAwards & AchievementsHistory
NewsroomTheori NewsVulnerability DisclosurePublicationsPress KitMedia Resources
CultureBenefitsOpen PositionsFAQ

Stay in the Loop with Theori's Latest Stories.

theori-small-logo

Stay in the Loop with Theori's Latest Stories.

Theori © 2024 All rights reserved.