我们的贡献
| ID | Company | Product | Date | Type | VID | Details |
|---|---|---|---|---|---|---|
| Wukong, Tencent | apache | Apache Hive Standalone Metastore | 2025-10-27 | SQL Injection | CVE-2025-62728 | CVEID |
| kikayli | / | NVIDIA Isaac Sim Framework | 2025-10-13 | RCE | CVE-2025-23356 | CVEID |
| Wukong, Tencent | nvidia | NVIDIA Megatron-LM | 2025-09-01 | Code Injection | CVE-2025-23348 | CVEID |
| kikayli | / | NVIDIA Nemo | 2025-08-29 | RCE | CVE-2025-23312 | CVEID |
| Wukong, Tencent | LLaMA-Factory | LLaMA-Factory | 2025-06-26 | RCE | CVE-2025-53002 | CVEID |
| Wukong, Tencent | langchain | langchain | 2025-06-02 | XXE | CVE-2025-6984 | CVEID |
| kikayli | / | vllm | 2025-05-20 | RCE | CVE-2025-47277 | CVEID |
| kikayli | / | vite | 2025-04-02 | Path Traversal | CVE-2025-31486 | CVEID |
| niubl | / | Ruby | 2022-04-12 | Double free | CVE-2022-28738 | Ruby Security |
| niubl | / | Ruby | 2022-04-12 | Buffer overrun | CVE-2022-28739 | Ruby Security |
| niubl | / | Redmine | 2021-04-26 | Arbitrary file read | CVE-2021-31863 | CVEID |
| niubl | / | Node.js | 2021-01-04 | HTTP Request Smuggling | CVE-2020-8287 | Node.js Security |
| Clarkhe | inspur | BMC | 2020-12-04 | Authentication Bypass | CVE-2020-26122 | Inspur Advisor |
| Nicky | / | EV Charger | 2020-10-24 | Free Charging | / | GeekPwn 2020 |
| niubl | / | ruby | 2020-09-29 | HTTP Request Smuggling | CVE-2020-25613 | Ruby Security |
| Xbalien | Semtech | basicstation | 2020-06-18 | Use-After-Free | CVE-2020-4060 | CVEID |
| Xbalien | Semtech | LoRaMac-Node | 2020-05-26 | Buffer Overflow | CVE-2020-11068 | CVEID |
| Wenxiang Qian | SQLite/Google | Chrome | 2019-12-11 | Out-of-bounds Write | CVE-2019-13734 | Google Security |
| Wenxiang Qian | SQLite/Google | Chrome | 2019-12-11 | Protection Bypass | CVE-2019-13750 | Google Security |
| Wenxiang Qian | SQLite/Google | Chrome | 2019-12-11 | Uninited Data Read | CVE-2019-13751 | Google Security |
| Wenxiang Qian | SQLite/Google | Chrome | 2019-12-11 | Out-of-bounds Read | CVE-2019-13752 | Google Security |
| Wenxiang Qian | SQLite/Google | Chrome | 2019-12-11 | Out-of-bounds Read | CVE-2019-13753 | Google Security |
| Xbalien | Chrome | 2019-11-13 | Use-after-free | CVE-2019-13723 | Google Security | |
| Xbalien | Chrome | 2019-11-13 | Out-of-bounds access | CVE-2019-13724 | Google Security | |
| Xiling Gong | Qualcomm | Android | 2019-08-01 | Remote Code Execution | CVE-2019-10539 | Qualcomm Security |
| Xiling Gong | Qualcomm | Android | 2019-08-01 | Buffer Overflow | CVE-2019-10540 | Qualcomm Security |
| Xiling Gong | Android | 2019-08-01 | Elevation of Privilege | CVE-2019-10538 | Google Security | |
| Xbalien | Chrome | 2019-03-19 | Use-after-free | CVE-2019-5863 | Google Security | |
| Wenxiang Qian | Chrome | 2019-03-07 | Out of Bounds Read | CVE-2019-5835 | Google Security | |
| Wenxiang Qian | curl | libcurl | 2019-02-06 | Out-of-bounds Read | CVE-2018-16890 | Curl security |
| Wenxiang Qian | curl | libcurl | 2019-02-06 | Stack Buffer Overflow | CVE-2019-3822 | Curl security |
| Wenxiang Qian | SQLite/Google | SQLite/Chromium | 2018-11-01 | Buffer Overflow/Mem Leak | CVE-2018-20346 | Google Security |
| Wenxiang Qian | SQLite/Google | SQLite/Chromium | 2018-11-01 | Buffer Overflow/Mem Leak | CVE-2018-20505 | Google Security |
| Wenxiang Qian | SQLite | SQLite | 2018-11-01 | Remote DoS | CVE-2018-20506 | SQLite Security |
| Nicky | Microsoft | Cortana | 2018-07-15 | Android App RCE | - | Microsoft Security |
| Wenxiang Qian | / | libcivetweb | 2018-06-22 | Out-of-Bounds | CVE-2018-12684 | CVE ORG |
| Wenxiang Qian | / | libcivetweb | 2018-06-22 | Information Leak | CVE-2018-12685 | CVE ORG |
| Wenxiang Qian | / | libcivetweb | 2018-06-22 | Remote Code Execution | CVE-2018-12686 | CVE ORG |
| Nicky & Xbalien | XiaoMi | MI AI Speaker | 2018-06-08 | Remote Command Execute | - | XiaoMi Security |
| riusksk | TensorFlow | 2018-06-01 | Out-of-bounds Read | CVE-2018-7574 | Google Security | |
| riusksk | TensorFlow | 2018-06-01 | Null Pointer Dereference | CVE-2018-7576 | Google Security | |
| Bo Zhang | TensorFlow | 2018-06-01 | Out-of-bounds Read | CVE-2018-8825 | Google Security | |
| Bo Zhang | TensorFlow | 2018-06-01 | Out-of-bounds Read | CVE-2018-7575 | Google Security | |
| Bo Zhang | TensorFlow | 2018-06-01 | memcpy-param-overlap | CVE-2018-7577 | Google Security | |
| Bo Zhang | TensorFlow | 2018-06-01 | heap buffer overflow | CVE-2018-10055 | Google Security | |
| Bo Zhang | Android | 2018-05-25 | Out-of-Bounds | CVE-2017-15853 | Android Security | |
| Peter Pi | Qualcomm | Android | 2018-05-11 | Elevation of Privilege | CVE-2018-3571 | Qualcomm Security |
| Peter Pi | Qualcomm | Android | 2018-05-11 | Elevation of Privilege | CVE-2018-3572 | Qualcomm Security |
| Xiling Gong | Android | 2018-05-01 | Remote Code Execution | CVE-2018-5912 | Android Security | |
| Xiling Gong | Android | 2018-05-01 | Remote Code Execution | CVE-2018-2256 | Android Security | |
| Peter Pi | Qualcomm | Android | 2018-04-25 | Elevation of Privilege | CVE-2018-3563 | Qualcomm Security |
| Zhiyang Zeng | Apple | iMessage | 2018-04-24 | UI spoofing | CVE-2018-4187 | Apple Security |
| saiy | TOPThink | ThinkPHP | 2018-04-10 | SQL Injection | - | |
| Peter Pi | Android | 2018-04-05 | Information Leak | CVE-2018-9421 | Android Security | |
| Peter Pi | Android | 2018-04-05 | Information Leak | CVE-2018-9420 | Android Security | |
| Peter Pi | Android | 2018-04-05 | Information Leak | CVE-2018-9345 | Android Security | |
| Peter Pi | Android | 2018-04-05 | Information Leak | CVE-2018-9346 | Android Security | |
| Zhiyang Zeng | Apple | Safari | 2018-03-29 | UI spoofing | CVE-2018-4134 | Apple Security |
| Peter Pi | Qualcomm | Android | 2018-03-29 | Elevation of Privilege | CVE-2017-15829 | Qualcomm Security |
| Peter Pi | Qualcomm | Android | 2018-03-29 | Elevation of Privilege | CVE-2017-15820 | Qualcomm Security |
| Peter Pi | Qualcomm | Android | 2018-03-29 | Elevation of Privilege | CVE-2017-14886 | Qualcomm Security |
| Peter Pi | Android | 2018-03-06 | Elevation of Privilege | CVE-2017-13269 | Android Security | |
| ZhangBo | Android | 2018-03-06 | Elevation of Privilege | CVE-2017-18069 | Android Security | |
| Xiling Gong | Android | 2018-02-05 | Elevation of Privilege | CVE-2017-15852 | Android Security | |
| ZhangBo | Android | 2018-02-05 | Elevation of Privilege | CVE-2015-9016 | Android Security | |
| Peter Pi | Qualcomm | Android | 2018-01-26 | Elevation of Privilege | CVE-2017-14873 | Qualcomm Security |
| Wolfu | Android | 2018-01-05 | Elevation of Privilege | CVE-2017-13219 | Android Security | |
| Wolfu | Android | 2018-01-05 | Elevation of Privilege | CVE-2017-13207 | Android Security | |
| Peter Pi | Qualcomm | Android | 2017-12-14 | Elevation of Privilege | CVE-2017-11031 | Qualcomm Security |
| riusksk | Adobe | Acrobat Pro DC | 2017-11-15 | Memory Corruption | CVE-2017-11293 | Adobe Security |
| riusksk | Adobe | Acrobat Pro DC | 2017-11-15 | Memory Corruption | CVE-2017-16408 | Adobe Security |
| riusksk | Adobe | Acrobat Pro DC | 2017-11-15 | Memory Corruption | CVE-2017-16409 | Adobe Security |
| riusksk | Adobe | Acrobat Pro DC | 2017-11-15 | Memory Corruption | CVE-2017-16410 | Adobe Security |
| riusksk | Adobe | Acrobat Pro DC | 2017-11-15 | Memory Corruption | CVE-2017-16411 | Adobe Security |
| riusksk | Adobe | Acrobat Pro DC | 2017-11-15 | Memory Corruption | CVE-2017-16399 | Adobe Security |
| riusksk | Adobe | Acrobat Pro DC | 2017-11-15 | Memory Corruption | CVE-2017-16395 | Adobe Security |
| riusksk | Adobe | Acrobat Pro DC | 2017-11-15 | Memory Corruption | CVE-2017-16394 | Adobe Security |
| riusksk | Adobe | Adobe Digital Editions | 2017-11-15 | Memory Corruption | CVE-2017-11301 | Adobe Security |
| Bo Zhang | Android | 2017-11-07 | Elevation of Privilege | CVE-2017-11600 | Android Security | |
| Peter Pi | Android | 2017-11-07 | Elevation of Privilege | CVE-2017-11091 | Android Security | |
| Xiling Gong | Android | 2017-11-07 | Elevation of Privilege | CVE-2017-9690 | Android Security | |
| Wolfu | Android | 2017-11-07 | Elevation of Privilege | CVE-2017-0863 | Android Security | |
| Wolfu | Android | 2017-11-07 | Elevation of Privilege | CVE-2017-11073 | Android Security | |
| Wolfu | Android | 2017-11-07 | Elevation of Privilege | CVE-2017-11093 | Android Security | |
| Zhiyang Zeng | Apple | Safari | 2017-11-01 | URL Spoofing | CVE-2017-13790 | Apple Security |
| Peter Pi | Android | 2017-10-03 | Elevation of Privilege | CVE-2017-11046 | Android Security | |
| Wolfu | Android | 2017-10-03 | Elevation of Privilege | CVE-2017-11050 | Android Security | |
| Wolfu | Android | 2017-10-03 | Elevation of Privilege | CVE-2017-11051 | Android Security | |
| Wolfu | Android | 2017-10-03 | Elevation of Privilege | CVE-2017-11067 | Android Security | |
| riusksk | Apple | Xcode | 2017-09-20 | Memory Corruption | CVE-2017-7076 | Apple Security |
| riusksk | Apple | Xcode | 2017-09-20 | Memory Corruption | CVE-2017-7134 | Apple Security |
| riusksk | Apple | Xcode | 2017-09-20 | Memory Corruption | CVE-2017-7135 | Apple Security |
| riusksk | Apple | Xcode | 2017-09-20 | Memory Corruption | CVE-2017-7136 | Apple Security |
| riusksk | Apple | Xcode | 2017-09-20 | Memory Corruption | CVE-2017-7137 | Apple Security |
| Bo Zhang | Red Hat | Linux kernel | 2017-09-07 | Denial of Service | CVE-2017-12153 | Redhat Security |
| riusksk | Adobe | Acrobat Reader | 2017-08-09 | Memory Corruption | CVE-2017-3016 | Adobe Security |
| riusksk | Adobe | Adobe Digital Editions | 2017-08-09 | Memory Corruption | CVE-2017-11280 | Adobe Security |
| riusksk | Apple | macOS | 2017-07-20 | Out-of-Bounds | CVE-2017-7015 | Apple Security |
| riusksk | Apple | macOS | 2017-07-20 | Out-of-Bounds | CVE-2017-7016 | Apple Security |
| riusksk | Apple | macOS | 2017-07-20 | Stack Overflow | CVE-2017-7033 | Apple Security |
| Zhiyang Zeng | Apple | Safari | 2017-07-20 | Memory Corruption | CVE-2017-7019 | Apple Security |
| Xiling Gong | Android | 2017-07-06 | Information Disclosure | CVE-2017-0708 | Android Security | |
| Xbalien | Android | 2017-07-06 | Elevation of privilege | CVE-2017-0704 | Android Security | |
| Xbalien | Android | 2017-07-06 | Information Disclosure | CVE-2017-0669 | Android Security | |
| Xiling Gong | Chrome | 2017-06-16 | Out-of-Bounds | CVE-2017-5088 | Chrome Security | |
| riusksk | Adobe | Adobe Digital Editions | 2017-06-14 | Out-of-Bounds | CVE-2017-3093 | Adobe Security |
| riusksk | Adobe | Adobe Digital Editions | 2017-06-14 | Stack Overflow | CVE-2017-3094 | Adobe Security |
| riusksk | Adobe | Adobe Digital Editions | 2017-06-14 | Stack Overflow | CVE-2017-3095 | Adobe Security |
| riusksk | Adobe | Adobe Digital Editions | 2017-06-14 | Memory Corruption | CVE-2017-3096 | Adobe Security |
| Zhiyang Zeng | Chrome | 2017-06-05 | Logical Vulnerability | CVE-2017-5085 | Chrome Security | |
| Xiling Gong | Android | 2017-06-05 | Elevation of privilege | CVE-2017-8236 | Android Security | |
| Zhiyang Zeng & Yuyang Zhou | Apple | Safari | 2017-05-16 | URL Spoofing | CVE-2017-2500 | Apple Security |
| Zhiyang Zeng | Apple | Safari | 2017-05-16 | URL Spoofing | CVE-2017-2511 | Apple Security |
| Xiling Gong | Android | 2017-05-05 | Elevation of privilege | CVE-2017-0597 | Android Security | |
| riusksk | Adobe | Acrobat Reader | 2017-04-12 | Out-of-Bounds | CVE-2017-3040 | Adobe Security |
| riusksk | Adobe | Acrobat Reader | 2017-04-12 | Memory Corruption | CVE-2017-3039 | Adobe Security |
| kimyok | Adobe | Acrobat Reader | 2017-04-12 | Memory Corruption | CVE-2017-3017 | Adobe Security |
| kimyok | Adobe | Acrobat Reader | 2017-04-12 | Memory Corruption | CVE-2017-3018 | Adobe Security |
| kimyok | Adobe | Acrobat Reader | 2017-04-12 | Memory Corruption | CVE-2017-3024 | Adobe Security |
| kimyok | Adobe | Acrobat Reader | 2017-04-12 | Memory Corruption | CVE-2017-3025 | Adobe Security |
| kimyok | Adobe | Acrobat Reader | 2017-04-12 | Memory Corruption | CVE-2017-3065 | Adobe Security |
| Zhiyang Zeng | / | MyBB | 2017-04-04 | XSS | CVE-2017-8103 | CVE ORG |
| Zhiyang Zeng | / | MyBB | 2017-04-04 | Directory Traversal | CVE-2017-8104 | CVE ORG |
| riusksk | Apple | macOS/iOS | 2017-03-28 | Heap Overflow | CVE-2017-2379 | Apple Security |
| riusksk | Apple | macOS/iOS | 2017-03-28 | Denial of Service | CVE-2017-2417 | Apple Security |
| riusksk | Apple | macOS/iOS | 2017-03-28 | Out-of-Bounds | CVE-2017-2487 | Apple Security |
| riusksk | Apple | macOS/iOS | 2017-03-28 | Memory Corruption | CVE-2017-2406 | Apple Security |
| riusksk | Apple | macOS/iOS | 2017-03-28 | Memory Corruption | CVE-2017-2407 | Apple Security |
| kimyok | Apple | macOS | 2017-03-28 | Memory Corruption | CVE-2017-2431 | Apple Security |
| kimyok | Apple | macOS | 2017-03-28 | Double Free | CVE-2017-2435 | Apple Security |
| Yuyang Zhou | Apple | Safari | 2017-03-28 | URL Spoofing | CVE-2017-2376 | Apple Security |
| 深夜饮酒 | Apple | Safari | 2017-03-28 | HTTP Authentication Spoofing | CVE-2017-2389 | Apple Security |
| Nicky | Huawei | EMUI | 2017-03-23 | Bluetooth Unlock Bypassing | CVE-2017-2728 | Security Advisories |
| zhaohuan | Apple | mfi.apple.com | 2017-03-07 | Server Configuration | - | Apple Security |
| zhaohuan | Apple | developer.apple.com | 2017-03-07 | Server Configuration | - | Apple Security |
| zhaohuan | Apple | ara.apple.com | 2017-03-07 | Server Configuration | - | Apple Security |
| riusksk | Foxit | Foxit Reader | 2017-03-02 | Memory Corruption | CVE-2017-5989 | Security Bulletins |
| Nicky | Huawei | EMUI | 2017-02-23 | Remote Code Execution | CVE-2017-2699 | Security Advisories |
| riusksk | Adobe | Acrobat Reader | 2017-02-16 | Heap Overflow | CVE-2017-2959 | Adobe Security |
| Peter Pi | Qualcomm | Android | 2017-02-16 | Elevation of Privilege | CVE-2018-11047 | Qualcomm Security |
| Peter Pi | Qualcomm | Android | 2017-02-16 | Elevation of Privilege | CVE-2018-15826 | Qualcomm Security |
| Nicky | LineCorp | Line | 2017-01-13 | Cross Site Script | / | HallofFame |
| Xbalien | Android | 2017-01-04 | Elevation of Privilege | CVE-2017-0395 | Android Security | |
| riusksk | / | libarchive | 2016-12-29 | Use After Free | CVE-2016-10080 | CVE ORG |
| Neargle | Flask | Flask | 2016-12-24 | Cross Site Script | CVE-2016-10516 | Flask Security |
| kimyok | / | libwebp | 2016-12-16 | Memory Corruption | CVE-2016-9969 | CVE ORG |
| riusksk | Apple | macOS/iOS | 2016-12-14 | Out-of-Bounds | CVE-2016-7595 | Apple Security |
| riusksk | Apple | macOS/iOS | 2016-12-14 | Out-of-Bounds | CVE-2016-4691 | Apple Security |
| riusksk | Apple | macOS | 2016-12-14 | Memory Corruption | CVE-2016-7618 | Apple Security |
| riusksk | Apple | macOS | 2016-12-14 | Memory Corruption | CVE-2016-7622 | Apple Security |
| riusksk | / | giflib | 2016-12-13 | Out-of-Bounds | CVE-2016-9944 | CVE ORG |
| riusksk | / | OpenJPEG | 2016-12-07 | Memory Corruption | CVE-2016-9890 | CVE ORG |
| Xbalien | Android | 2016-12-06 | Elevation of Privilege | CVE-2016-6771 | Android Security | |
| riusksk | / | libxml2 | 2016-12-05 | Out-of-Bounds | CVE-2016-9833 | CVE ORG |
| kimyok | pdfium | 2016-12-04 | Out-of-Bounds | CVE-2016-9805 | CVE ORG | |
| riusksk | / | OpenJPEG | 2016-12-01 | Memory Corruption | CVE-2016-9753 | CVE ORG |
| kimyok | VRCore | 2016-11-30 | Auth Bypass | / | Google VRP | |
| kimyok | syncadapters | 2016-11-19 | Auth Bypass | CVE-2019-9281 | Google VRP | |
| Nicky | / | ExponentCMS | 2016-11-11 | SQL Injection | CVE-2016-9272 | Github Issue |
| askyshang | Android | 2016-11-01 | Denial of service | CVE-2016-6713 | Android Security | |
| riusksk | Apple | Mac OS X | 2016-09-21 | Memory Corruption | CVE-2016-4779 | HT207170 |
| riusksk | Apple | Xcode | 2016-09-14 | Memory Corruption | CVE-2016-4705 | HT207140 |
| Yuyang Zhou | Chrome | 2016-08-21 | Scheme bypass | CVE-2016-5193 | Google Security | |
| Yuyang Zhou | Mozilla | Firefox | 2016-08-04 | same-origin policy bypass | CVE-2016-5291 | Mozilla Security |
| 深夜饮酒 | Chrome | 2016-07-21 | Content-Security-Policy bypass | CVE-2016-5135 | Chrome Security | |
| Xiling Gong | Android | 2016-07-07 | Elevation of privilege | CVE-2016-3745 | Android Security | |
| Xiling Gong | Android | 2016-06-06 | Information Disclosure | CVE-2016-2499 | Android Security | |
| Nicky | Lenovo | ShareIt | 2016-05-19 | UXSS | CVE-2016-4783 | LEN-6421 |
| Nicky | Lenovo | ShareIt | 2016-05-19 | Intent Scheme URL attack | CVE-2016-4782 | LEN-6421 |
| riusksk | / | libgd | 2016-05-01 | Double Free | CVE-2016-4413 | libgd bug 208 |
| Nicky | / | dotCMS | 2016-04-12 | SQL Injection | CVE-2016-2355 | dotCMS SI-35 |
| riusksk | / | libav | 2016-03-18 | Memory Corruption | CVE-2016-3184 | libav bug 930 |
| riusksk | Yahoo | WebMail | 2016-03-18 | XSS | / | Hackerone |
| riusksk | / | libav | 2016-03-11 | Memory Corruption | CVE-2016-3062 | libav bug 929 |
| riusksk | Adobe | Flash Player | 2016-03-11 | Memory Corruption | CVE-2016-0992 | APSB16-08 |
| Do9gy | / | Cacti | 2016-03-07 | SQL Injection | CVE-2016-3172 | Cacti 0002667 |
| zhaohuan | / | JiveSoftware | 2016-02-03 | Directory Traversal | CVE-2016-2534 | EDB-ID 39405 |
| riusksk | / | libtiff | 2015-12-28 | Heap Overflow | CVE-2015-8668 | Redhat Bug 129425 |
| Do9gy | / | phpMyAdmin | 2015-12-25 | Info Leak | CVE-2015-8669 | PMASA-2015-6 |
| riusksk && monster | Lakala | Lakala POS | 2015-10-24 | Access Control Weakness | / | GeekPwn2015 |
| riusksk | Suning | ifPay | 2015-10-24 | Remote Code Execution | / | GeekPwn2015 |
| zhuliang | iBoxPay | iBoxPay POS | 2015-10-24 | Access Control Weakness | / | GeekPwn2015 |
| nicky | ChangDi | Changdi Smart Oven | 2015-10-24 | Authentication Bypass | / | GeekPwn2015 |
| Gmxp | DJI | Phantom Drone | 2015-10-24 | Authentication Bypass | / | GeekPwn2015 |
| Gmxp | Apple | XcodeGhost | 2015-09-12 | Backdoor | / | TSRC Blog |
| monster | Yeahka | Yeahka POS | 2014-12-23 | Access Control Weakness | / | GeekPwn2014 |
| riusksk | Konke | Konke Smart Plug | 2014-10-24 | Authentication Bypass | / | GeekPwn2014 |
| monster | Baidu | iermu Camera | 2014-10-24 | Authentication Bypass | / | GeekPwn2014 |
| Gmxp | Sciener | Sciener Smart Door Lock | 2014-10-24 | Info Leak & Authentication Bypass | / | GeekPwn2014 |
| zhaohuan | Ebay | WebSite | 2014-06-10 | Remote Code Execution | / | Ebay |
| zhaohuan | Yahoo | WebSite | 2014-04-01 | Remote Code Execution | / | Hackerone |
| zhaohuan | Evernote | WebSite | 2014-04-01 | Remote Code Execution | / | Evernote |
| dragonltx | Apple | QuickTime Player | 2014-02-25 | Heap Overflow | CVE-2014-1249 | HT202932 |
| riusksk | Alibaba | WebSite | 2014-01-11 | Multiple Dom XSS | / | ASRC |
| riusksk | NetEase | WebSite | 2013-07-17 | Multiple Remote Code Execution | / | NSRC |
| riusksk | Baidu | WebSite | 2013-07-17 | Multiple Remote Code Execution | / | BSRC |
| riusksk | Baidu | WebSite | 2013-07-03 | Multiple SQL Injection | / | BSRC |
| riusksk | Microsoft | DirectShow | 2013-02-12 | Heap Overflow | CVE-2013-0077 | MS13-011 |
| zhaohuan | PayPal | WebSite | 2013-02-11 | Multiple XSS | / | Paypal |
| riusksk | NetEase | WebSite | 2013-01-17 | Multiple Dom XSS | / | NSRC |
| xti9er && chouqiu | / | phpMyAdmin && SourceForge | 2012-09-25 | Backdoor | CVE-2012-5159 | PMASA-2012-5 SourceForge blog |
| zhaohuan | Microsoft | WebSite | 2012-01-01 | SQL Injection && XSS | / | Microsoft |
| lake2 | Adobe | Flash Player | 2011-01-01 | Cross-domain Policy Bypass | CVE-2011-2458 | APSB11-28 |
| lake2 | Adobe | Flash Player | 2009-07-30 | Heap Overflow | CVE-2009-1862 | APSB09-10 |