Hello World

Specializing in Fuzzing, Vulnerability Research, Reverse Engineering, and Binary Analysis.

My current focus involves Operating Systems, Trusted Execution Environments (TEEs), AI frameworks, Open Source Security, and Database Security, among other areas.

Below is a list of vulnerabilities that I have identified and reported to vendors:

Please note that, in accordance with company policy, records of vulnerabilities discovered after August 2022 will not be updated.

Year – 2021


  • CVE-2021-37972 : Out of bounds read in libjpeg-turbo


  • CVE-2021-38236 : heap-buffer-overflow in raw2image.cpp
  • CVE-2021-38235 : heap-buffer-overflow in fp_dng.cpp

北京数科网维技术有限责任公司 OFD 版式阅读器:

  • CNVD-2021-102082, CNNVD-202111-2224, CNNVD-202111-2225 : Integer Overflow to Buffer Overflow in pdfdom.dll
  • CNVD-2022-00039, CNVD-2022-00040, CNVD-2022-00041, CNVD-2022-00042, CNVD-2022-00043, CNVD-2022-00044, CNVD-2022-00045, CNVD-2022-00046, CNVD-2022-00047, CNVD-2022-00048 Uncontrolled Resource Consumption in suwellofdapp.exe
  • CNVD-2022-00049 : Arbitrary Address Access in swd20.dll

Year – 2022


  • Issue 1312736, Issue 1327884 : null-dereference in PDFium

  • Issue 1314658 : heap-use-after-free in PDFium CPDFSDK_AppStream::Write

Hello World
Posted on
October 25, 2018
Licensed under