Choongwoo Han computer security researcher tunz

Vulnerability Reports Full List

  • 2017
    • Out of bounds read in Chrome V8 (reward $3,000 / CVE-2017-5071) (link)
    • Information Disclosure in Chrome V8 (reward $2,000 / CVE-2017-5040) (link)
    • Null Pointer Dereference in string prepend of mruby (reward $800) (link)
    • Heap Overflow in array splice of mruby (reward $800) (link)
    • Type Confusion in print_backtrace of mruby (reward $100) (link)
    • Use After Free in array replace of mruby (reward $800) (link)
    • Local File Inclusion Attack in Rocket (link)
    • Integer Overflow in array splice of mruby (reward $800) (link)
    • Integer Overflow in array set of mruby (reward $100) (link)
    • Remote Code Execution in icoutils (CVE-2017-5208) (link)
  • 2016
    • Out-of-bounds write in Chrome V8 (reward $5,000 / CVE-2016-5200) (link)
    • Memory Corruption in Chrome V8 (reward $5,000 / CVE-2016-5172) (link)
    • Unauthorized branch access in GitHub (reward $5,000 + bonus $1,000) (link)
    • Heap Buffer Overflow in Chrome V8 (reward $3,000 / CVE-2016-1669) (link)
    • Out-of-bounds write in Chrome V8 (reward $5,000 / CVE-2016-1653) (link)
  • 2015
  • 2014
    • Remote Code Execution in Dr.Soft Netclient5 PMS (reward XXX / KISA 14-084)
    • Remote Code Execution in UNIST portal web site
  • 2013
    • SQL Injection and Break password encryption in UNIST portal web site
    • SQL Injection in UNIST web mail
    • Remote Code Execution in UNIST attendance checking devices