Maxwell Garrett (@TheGrandPew)

Title	Vulnerabilities	Programs	Authors
Chaining our way to Pre-Auth RCE in Metabase (CVE-2023-38646)	RCE SQL Injection Security Code Review	Metabase	Shubham Shah (@Infosec_au) Maxwell Garrett (@TheGrandPew)
Pre-Auth RCE in Aspera Faspex: Case Guide for Auditing Ruby on Rails	RCE Security Code Review Missing Authentication Insecure Deserialization	IBM	Maxwell Garrett (@TheGrandPew) Shubham Shah (@Infosec_au)
Exploiting Hardcoded Keys to achieve RCE in Yellowfin BI	RCE Authentication Bypass Security Code Review JWT	Yellowfin BI	Maxwell Garrett (@TheGrandPew) Shubham Shah (@Infosec_au)
Breaking Bitbucket: Pre Auth Remote Command Execution (CVE-2022-36804)	RCE OS Command Injection	Atlassian	Maxwell Garrett (@TheGrandPew)
Remote Code Execution on Element Desktop Application using Node Integration in Sub Frames Bypass - CVE-2022-23597	RCE XSS	Matrix (Element)	S1r1us (@S1r1u5_) Maxwell Garrett (@TheGrandPew)
Visual Studio Code - Remote Code Execution in Restricted Mode (CVE-2021-43908)	RCE XSS	Microsoft	S1r1us (@S1r1u5_) Maxwell Garrett (@TheGrandPew)

Page 1 of 1