Security researcher & sysadmin · Netherlands · healthcare IT. Disclosed CVEs in identity / auth stacks. Building public research notes here.
A pre-auth heap overflow in libvncclient's Tight decoder
GHSA-v9pm-47h4-jcq8 — a malicious VNC server can crash or take over any client built on libvncclient, default build, no auth. My first CVE, and why the client trusting the server is the whole problem.
hello
First post. What this site is.