logo-unlock-security

Blog

The cyber security blog where research and innovation are shared

Analysis of XXE 0days in PHPSpreadsheet < 3.4.0
AnalysisResearch
Analysis of XXE 0days in PHPSpreadsheet < 3.4.0
 12/03/2025

We deep-dive into how it has been possible to find two XXE 0day vulnerabilities in PHPSPreadsheet, bypassing the actual defences and subsequent fixes.

Francesco Marano
Read more
How to request a CVE for a vulnerability
How to
How to request a CVE for a vulnerability
 18/03/2024

Submit a new CVE may not be so intuitive. In this article we look at all the steps and answer common questions.

Francesco Marano
Read more
OSINT Challenge #2 – The ideal house
OSINT
OSINT Challenge #2 – The ideal house
 20/10/2023

We are using Open Source INTelligence (OSINT) to show how to find the address of the house by using its pictures in a real estate advertisement.

Francesco Marano
Read more
OSINT Challenge #1 – Can you tell where it is?
OSINT
OSINT Challenge #1 – Can you tell where it is?
 21/09/2023

We are using Open Source INTelligence (OSINT) to show how it is possible to determine the exact location where a picture was taken.

Francesco Marano
Read more
Analysis of CVE-2022-23093 (FreeBSD Ping Stack Overflow)
Analysis
Analysis of CVE-2022-23093 (FreeBSD Ping Stack Overflow)
 24/05/2023

We are analyzing CVE-2022-23093, step by step, to eventually answer the question: is it possible to get RCE, or not?

Francesco Marano
Read more
How the guests of a hotel were scammed
Analysis
How the guests of a hotel were scammed
 17/02/2023

Unlock Security intervened to look into repeated scams against the guests of a hotel. This is how the scammer stole the reservation details.

Francesco Marano
Read more
1 2

Latest reported vulnerabilities

You may also be interested in

Disclosure Policy
How we report vulnerabilities
Advisory
Our submitted vulnerabilities
Close
Search

Hit enter to search or ESC to close