Patch Diffing | writeups.xyz

Title	Vulnerabilities	Programs	Authors
Why nested deserialization is harmful: Magento XXE (CVE-2024-34102)	Insecure Deserialization XXE Patch Diffing Security Code Review	Magento	Adam Kues (@Hash_kitten) Shubham Shah (@Infosec_au)
Two Bytes is Plenty: FortiGate RCE with CVE-2024-21762	RCE Out-of-Bounds Write Memory Corruption Patch Diffing	Fortinet	Dylan Pindur
Hunting for Unauthenticated n-days in Asus Routers	RCE Format String Vulnerability Reverse Engineering Patch Diffing	Asus	TheZero (@Th3Zer0) Suidpit (@Suidpit)
CVE-2024-0204: Fortra GoAnywhere MFT Authentication Bypass Deep-Dive	Authentication Bypass Path Traversal Security Code Review Patch Diffing	Fortra (GoAnywhere)	Zach Hanley (@Hacks_zach)
Unauthenticated RCE in Adobe Coldfusion – CVE-2023-26360	RCE Insecure Deserialization Arbitrary File Read Patch Diffing Security Code Review	Adobe (ColdFusion)	SecureLayer7 (@SecureLayer7)
CVE-2023-33466 - Exploiting Healthcare Servers with Polyglot Files	DICOM RCE Arbitrary File Overwrite Arbitrary File Upload Patch Diffing	Asus	TheZero (@Th3Zer0) Suidpit (@Suidpit)
Adobe ColdFusion Pre-Auth RCE(s)	RCE ColdFusion JNDI Injection Insecure Deserialization Security Code Review Patch Diffing	Adobe (ColdFusion)	Harsh Jaiswal (@Rootxharsh) Rahul Maini (@Iamnoooob)

Page 1 of 1