Our team’s vulnerabilities disclosures 2022

September 26, 2022

Our cybersecurity researchers devote time to reporting vulnerabilities in open-source projects we use every day, but our interests are also linked with IoT, pervasive products that are part of our life. So far, so long, these are the CVEs we reported this year. For this purpose, we used fuzzing techniques and reverse engineering.

CVE-2022–0890: NULL pointer dereference in MRuby

CVE-2022–0632: NULL pointer dereference in MRuby

CVE-2022–0481: NULL pointer dereference in MRuby

CVE-2022–0368: Heap-based out-of-bounds read in Vim

CVE-2022–0326: NULL pointer dereference in MRuby

CVE-2022–0319: Heap-based out-of-bounds read in Vim

CVE-2022–0240: NULL pointer dereference in MRuby

CVE-2022–0128: Heap-based out-of-bounds read in Vim

CVE-2022–29558: Command injection in formWlSiteSurvey function. This function is part of the web server provided by Realtek’s SDK for Linux based routers.

CVE-2022–27255: Buffer overflow in SIP ALG implementation of Realtek’s SDK for eCos based routers.

Continue Reading

The latest handpicked blog articles

Watch the recorded FaradAI webinar and learn how Faraday Security is evolving offensive security for the AI era through AI-powered attack triage, continuous validation, and expert-guided risk prioritization.

July 6, 2026

We are proud to share an important milestone in our journey: achieving ISO/IEC 27001:2022 certification, the internationally recognized standard for Information Security Management Systems (ISMS).

June 19, 2026

Reverse engineering undocumented processors has traditionally required months of manual work. In this article, Faraday researchers share how a hybrid AI-assisted pipeline recovered a proprietary instruction set architecture, generated a

June 16, 2026

Stay Informed, Subscribe to Our Newsletter

Enter your email and never miss timely alerts and security guidance from the experts at Faraday.

Faraday provides a smarter way for Large Enterprises, MSSPs, and Application Security Teams to get more from their existing security ecosystem.

Headquarters

Research Lab & Dev

Solutions

Open Source

© 2025 Faraday Security. All rights reserved.
Terms and Conditions | Privacy Policy