Yuki Chen

Yuki Chen is the core member of 360Vulcan Team from 360 Safeguard offensive and defensive research group. In March of this year, the 360Vulcan Team successfully exploited 64-bit Internet Explorer with EPM enabled at Pwn2Own 2015 in Vancouver, Canada. Yuki Chen has over six years experience in the security industry and currently manages a team focused on vulnerability research at Qihoo 360. He is mostly interested in vulnerability hunting and analyzing and exploit development. He has discovered vulnerabilities in a wide range of products including browsers, Adobe flash/pdf, Java, and so on. He has spoken at several security conferences such as SysCan, Xcon and SysCan360.





CVEs Disclosed by Yuki Chen

09/11 CVE-2020-1598

An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly...

7.8 HIGH
09/11 CVE-2020-1133

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles file...

7.8 HIGH
09/11 CVE-2020-1376

An elevation of privilege vulnerability exists in the way that fdSSDP.dll handles objects in memory, aka 'Windows...

7.8 HIGH
09/11 CVE-2020-1491

An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in...

7.8 HIGH
09/11 CVE-2020-0922

A remote code execution vulnerability exists in the way that Microsoft COM for Windows handles objects in memory, aka...

8.8 HIGH
09/11 CVE-2020-1052

An elevation of privilege vulnerability exists in the way that the ssdpsrv.dll handles objects in memory, aka 'Windows...

7.8 HIGH
09/11 CVE-2020-1130

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles data...

7.8 HIGH
09/11 CVE-2020-0912

An elevation of privilege vulnerability exists when the Windows Function Discovery SSDP Provider improperly handles...

7.8 HIGH
08/17 CVE-2020-1519

An elevation of privilege vulnerability exists when the Windows UPnP Device Host improperly handles memory.To exploit...

7.8 HIGH
08/17 CVE-2020-1383

An information disclosure vulnerability exists in RPC if the server has Routing and Remote Access enabled, aka 'Windows...

5.5 MEDIUM

This page is open source. Noticed a typo? Or something missing?

Improve this page