FUZZING TROPHIES

The following list shows fuzzing vulnerabilities and bugs found inside customer projects and open source software. Targeted projects are mainly written in Rust, Golang, C/C++ and JavaScript.

WebAssembly VM/Libraries/Tools

These bugs were found while fuzzing customers projects and during development of WARF (WebAssembly Runtimes Fuzzing project)

[Rust] wasmer – 22 issues
[Rust] cranelift – 2 issues
[Rust] wasmparser – 3 issues
[Rust] wasmtime – 17 issues
[Rust] wain – 4 issues
[Rust] lucet – 2 issues
[C/C++] wasm-micro-runtime – 38 issues
[C/C++] radare2 – 3 issues
[C/C++] wabt – 9 issues
[C/C++] binaryen – 1 issue
[C/C++] wasm3 – 8 issues
[JS] webassemblyjs – 1 issue

Ethereum 2.0 Clients

These bugs were found while working and developing beacon-fuzz for SigmaPrime and the Ethereum Fondation.

[Rust] sigp/lighthouse – 3 issues
[Go] prysm – 7 issues
[Java] Teku – 7 issues
[Nim] nimbus-eth2 – 7 issues (Nim)
[JS] lodestar – 7 issues

Other Softwares

These bugs were found while fuzzing software for free time or while doing bugbounty.

[Go] golang/go – 1 issue
[Go] buildkite/agent – 1 issue
[Go] oasisprotocol/oasis-core – 4 issues
[Go] slackhq/nebula – 2 vulnerabilities

FUZZING TROPHIES

WebAssembly VM/Libraries/Tools

Ethereum 2.0 Clients

Other Softwares

FREE Courses & Training

Enter your email and we'll send you a bundle of awesome resources. 100% free - 100% awesome.

Any questions about our services and trainings ?

Get in touch today with any questions that you might have.