Pentester / Security researcher
I share with you my discoveries around pentesting and security research.
Here is the list of the vulnerabilities I discovered in products and that were published.
CVE-2020-7315 McAfee Agent DLL injection
CVE-2020-4311 IBM Tivoli Monitoring weak folder permissions
CVE-2019-1172 Disclosure of Azure AD personal account auth token to malicious websites when using the recommended browser extension 2/2
CVE-2019-1172 Disclosure of Azure AD personal account auth token to malicious websites when using the recommended browser extension 1/2
CVE-2019-1172 Windows Azure Active Directory user token disclosure
CVE-2018-3621 Intel Driver & Support Assistant: Drivers information disclosure bug through incorrect validation of the Origin header in local API requests (< 126.96.36.199)
CVE-2018-15481 UCOPIA Wireless Appliance restricted shell escape (< 5.1.13)
CVE-2017-17743 UCOPIA Wireless Appliance restricted shell escape (< 5.1.11 / 5.0.19 / 4.4.20)
CVE-2017-7344 Fortinet FortiClient Windows privilege escalation at logon
CVE-2016-5007 Spring Security / MVC Path Matching Inconsistency