Our security analysts practise responsible disclosure and report the zero-day vulnerabilities they discover. Here you will find a list of vulnerabilities they have permission to publish. Due to security-risks associated not all zero-days are published and accredited.
CVE-2019-0972 - Local Security Authority Subsystem Service (LSASS) Remote Denial of Service, Danyal Drew and Elad Shamir
Linux Privilege Escalation via LXD, Chris Moberly
CVE-2018-7669 - Sitecore Directory Traversal Vulnerability, Chris Moberly
CVE-2017-16878 - Reflected cross-site scripting in PAN-OS Captive Portal, Shaun Wheelhouse
A small selection from our list of happy clients