About

Just a collection of handy code snippets and experiments.

CVEs I contributed to or discovered:

• CVE-2018-14890
• CVE-2018-14891
• CVE-2018-14889
• CVE-2022-4039 Unauthenticated Management Interface leads to RCE on Red Hat Single Sign-On for Openshift images
• CVE-2023-3899 RHEL 7/8 Local Privilege Escalation
• CVE-2023-50728 Unauthenticated Denial of Service in the octokit/webhooks library
• CVE-2024-0217 Use After Free due to Integer Overflow in PackageKit
• CVE-2024-25131 OpenShift Privilege Escalation through MustGather Operator
• CVE-2025-3931 RHEL 10 Local Privilege Escalation
• CVE-2024-8939 vLLM Denial of Service
• CVE-2024-45496 OpenShift Privilege Escalation through “custom” Builds
• CVE-2024-45497 OpenShift Node Denial of Service through “custom” Builds
• CVE-2024-7079 Unauthenticated Installation of Helm Charts through OpenShift Console
• CVE-2024-7128 CVE-2024-6538 CVE-2024-7631 OpenShift Console Unauthenticated Path Traversal, SSRF, and Information Leaks