tl;dr

• Heap Overflow in glob function while handling Tilde operator.
• Abuse null byte overflow to gain RCE.

tl;dr

• Use the integer overflow to trigger a kernel heap overflow.
• Use the heap overflow to overwrite tty structure function pointers to get code execution.

tl;dr

• Jemalloc heap challenge
• A buggy implementation of strncat in merge allows for an overwrite onto the next region

tl;dr

• Arbitrary type confusion in DFG JIT
• Bug eliminates a single CheckStructure node

tl;dr

• Abusing a stack overflow on a RISC-V binary to then return to shellcode.

tl;dr

• Leak with Format String bug.
• Use the arbitrary heap pointer write to overwrite __GI__IO_file_jumps.
• Inject shellode in heap and get code execution in dfprintf.

tl;dr

• Out-of bounds index write allows byte-by-byte overwrite of return address

tl;dr

• Carefully arranging structs on stack so as to overwrite saved rip , without corrupting the stack canary.
• Leak libc with puts and execute a ret2libc to get shell

Writeup from InCTFi 2019 bartender

tl;dr Windows 32-bit SEH exploitation

tl;dr 2 element overflow in Array when jit compiled