About TSRC
  • Antihacking, monitoring and analyzing security threats of Tencent.

  • Protecting over 1,000,000,000 netizens around the world.

  • Building an open platform for technology sharing.

  • Fighting for a better cyber security ecosystem.

Our Contribution
ID Company Product Date Type VID Details
niubl / Ruby 2022-04-12 Double free CVE-2022-28738 Ruby Security
niubl / Ruby 2022-04-12 Buffer overrun CVE-2022-28739 Ruby Security
niubl / Redmine 2021-04-26 Arbitrary file read CVE-2021-31863 CVEID
niubl / Node.js 2021-01-04 HTTP Request Smuggling CVE-2020-8287 Node.js Security
Clarkhe inspur BMC 2020-12-04 Authentication Bypass CVE-2020-26122 Inspur Advisor
Nicky / EV Charger 2020-10-24 Free Charging / GeekPwn 2020
niubl / ruby 2020-09-29 HTTP Request Smuggling CVE-2020-25613 Ruby Security
Xbalien Semtech basicstation 2020-06-18 Use-After-Free CVE-2020-4060 CVEID
Xbalien Semtech LoRaMac-Node 2020-05-26 Buffer Overflow CVE-2020-11068 CVEID
Wenxiang Qian SQLite/Google Chrome 2019-12-11 Out-of-bounds Write CVE-2019-13734 Google Security
Wenxiang Qian SQLite/Google Chrome 2019-12-11 Protection Bypass CVE-2019-13750 Google Security
Wenxiang Qian SQLite/Google Chrome 2019-12-11 Uninited Data Read CVE-2019-13751 Google Security
Wenxiang Qian SQLite/Google Chrome 2019-12-11 Out-of-bounds Read CVE-2019-13752 Google Security
Wenxiang Qian SQLite/Google Chrome 2019-12-11 Out-of-bounds Read CVE-2019-13753 Google Security
Xbalien Google Chrome 2019-11-13 Use-after-free CVE-2019-13723 Google Security
Xbalien Google Chrome 2019-11-13 Out-of-bounds access CVE-2019-13724 Google Security
Xiling Gong Qualcomm Android 2019-08-01 Remote Code Execution CVE-2019-10539 Qualcomm Security
Xiling Gong Qualcomm Android 2019-08-01 Buffer Overflow CVE-2019-10540 Qualcomm Security
Xiling Gong Google Android 2019-08-01 Elevation of Privilege CVE-2019-10538 Google Security
Xbalien Google Chrome 2019-03-19 Use-after-free CVE-2019-5863 Google Security
Wenxiang Qian Google Chrome 2019-03-07 Out of Bounds Read CVE-2019-5835 Google Security
Wenxiang Qian curl libcurl 2019-02-06 Out-of-bounds Read CVE-2018-16890 Curl security
Wenxiang Qian curl libcurl 2019-02-06 Stack Buffer Overflow CVE-2019-3822 Curl security
Wenxiang Qian SQLite/Google SQLite/Chromium 2018-11-01 Buffer Overflow/Mem Leak CVE-2018-20346 Google Security
Wenxiang Qian SQLite/Google SQLite/Chromium 2018-11-01 Buffer Overflow/Mem Leak CVE-2018-20505 Google Security
Wenxiang Qian SQLite SQLite 2018-11-01 Remote DoS CVE-2018-20506 SQLite Security
Nicky Microsoft Cortana 2018-07-15 Android App RCE - Microsoft Security
Wenxiang Qian / libcivetweb 2018-06-22 Out-of-Bounds CVE-2018-12684 CVE ORG
Wenxiang Qian / libcivetweb 2018-06-22 Information Leak CVE-2018-12685 CVE ORG
Wenxiang Qian / libcivetweb 2018-06-22 Remote Code Execution CVE-2018-12686 CVE ORG
Nicky & Xbalien XiaoMi MI AI Speaker 2018-06-08 Remote Command Execute - XiaoMi Security
riusksk Google TensorFlow 2018-06-01 Out-of-bounds Read CVE-2018-7574 Google Security
riusksk Google TensorFlow 2018-06-01 Null Pointer Dereference CVE-2018-7576 Google Security
Bo Zhang Google TensorFlow 2018-06-01 Out-of-bounds Read CVE-2018-8825 Google Security
Bo Zhang Google TensorFlow 2018-06-01 Out-of-bounds Read CVE-2018-7575 Google Security
Bo Zhang Google TensorFlow 2018-06-01 memcpy-param-overlap CVE-2018-7577 Google Security
Bo Zhang Google TensorFlow 2018-06-01 heap buffer overflow CVE-2018-10055 Google Security
Bo Zhang Google Android 2018-05-25 Out-of-Bounds CVE-2017-15853 Android Security
Peter Pi Qualcomm Android 2018-05-11 Elevation of Privilege CVE-2018-3571 Qualcomm Security
Peter Pi Qualcomm Android 2018-05-11 Elevation of Privilege CVE-2018-3572 Qualcomm Security
Xiling Gong Google Android 2018-05-01 Remote Code Execution CVE-2018-5912 Android Security
Xiling Gong Google Android 2018-05-01 Remote Code Execution CVE-2018-2256 Android Security
Peter Pi Qualcomm Android 2018-04-25 Elevation of Privilege CVE-2018-3563 Qualcomm Security
Zhiyang Zeng Apple iMessage 2018-04-24 UI spoofing CVE-2018-4187 Apple Security
saiy TOPThink ThinkPHP 2018-04-10 SQL Injection -
Peter Pi Google Android 2018-04-05 Information Leak CVE-2018-9421 Android Security
Peter Pi Google Android 2018-04-05 Information Leak CVE-2018-9420 Android Security
Peter Pi Google Android 2018-04-05 Information Leak CVE-2018-9345 Android Security
Peter Pi Google Android 2018-04-05 Information Leak CVE-2018-9346 Android Security
Zhiyang Zeng Apple Safari 2018-03-29 UI spoofing CVE-2018-4134 Apple Security
Peter Pi Qualcomm Android 2018-03-29 Elevation of Privilege CVE-2017-15829 Qualcomm Security
Peter Pi Qualcomm Android 2018-03-29 Elevation of Privilege CVE-2017-15820 Qualcomm Security
Peter Pi Qualcomm Android 2018-03-29 Elevation of Privilege CVE-2017-14886 Qualcomm Security
Peter Pi Google Android 2018-03-06 Elevation of Privilege CVE-2017-13269 Android Security
ZhangBo Google Android 2018-03-06 Elevation of Privilege CVE-2017-18069 Android Security
Xiling Gong Google Android 2018-02-05 Elevation of Privilege CVE-2017-15852 Android Security
ZhangBo Google Android 2018-02-05 Elevation of Privilege CVE-2015-9016 Android Security
Peter Pi Qualcomm Android 2018-01-26 Elevation of Privilege CVE-2017-14873 Qualcomm Security
Wolfu Google Android 2018-01-05 Elevation of Privilege CVE-2017-13219 Android Security
Wolfu Google Android 2018-01-05 Elevation of Privilege CVE-2017-13207 Android Security
Peter Pi Qualcomm Android 2017-12-14 Elevation of Privilege CVE-2017-11031 Qualcomm Security
riusksk Adobe Acrobat Pro DC 2017-11-15 Memory Corruption CVE-2017-11293 Adobe Security
riusksk Adobe Acrobat Pro DC 2017-11-15 Memory Corruption CVE-2017-16408 Adobe Security
riusksk Adobe Acrobat Pro DC 2017-11-15 Memory Corruption CVE-2017-16409 Adobe Security
riusksk Adobe Acrobat Pro DC 2017-11-15 Memory Corruption CVE-2017-16410 Adobe Security
riusksk Adobe Acrobat Pro DC 2017-11-15 Memory Corruption CVE-2017-16411 Adobe Security
riusksk Adobe Acrobat Pro DC 2017-11-15 Memory Corruption CVE-2017-16399 Adobe Security
riusksk Adobe Acrobat Pro DC 2017-11-15 Memory Corruption CVE-2017-16395 Adobe Security
riusksk Adobe Acrobat Pro DC 2017-11-15 Memory Corruption CVE-2017-16394 Adobe Security
riusksk Adobe Adobe Digital Editions 2017-11-15 Memory Corruption CVE-2017-11301 Adobe Security
Bo Zhang Google Android 2017-11-07 Elevation of Privilege CVE-2017-11600 Android Security
Peter Pi Google Android 2017-11-07 Elevation of Privilege CVE-2017-11091 Android Security
Xiling Gong Google Android 2017-11-07 Elevation of Privilege CVE-2017-9690 Android Security
Wolfu Google Android 2017-11-07 Elevation of Privilege CVE-2017-0863 Android Security
Wolfu Google Android 2017-11-07 Elevation of Privilege CVE-2017-11073 Android Security
Wolfu Google Android 2017-11-07 Elevation of Privilege CVE-2017-11093 Android Security
Zhiyang Zeng Apple Safari 2017-11-01 URL Spoofing CVE-2017-13790 Apple Security
Peter Pi Google Android 2017-10-03 Elevation of Privilege CVE-2017-11046 Android Security
Wolfu Google Android 2017-10-03 Elevation of Privilege CVE-2017-11050 Android Security
Wolfu Google Android 2017-10-03 Elevation of Privilege CVE-2017-11051 Android Security
Wolfu Google Android 2017-10-03 Elevation of Privilege CVE-2017-11067 Android Security
riusksk Apple Xcode 2017-09-20 Memory Corruption CVE-2017-7076 Apple Security
riusksk Apple Xcode 2017-09-20 Memory Corruption CVE-2017-7134 Apple Security
riusksk Apple Xcode 2017-09-20 Memory Corruption CVE-2017-7135 Apple Security
riusksk Apple Xcode 2017-09-20 Memory Corruption CVE-2017-7136 Apple Security
riusksk Apple Xcode 2017-09-20 Memory Corruption CVE-2017-7137 Apple Security
Bo Zhang Red Hat Linux kernel 2017-09-07 Denial of Service CVE-2017-12153 Redhat Security
riusksk Adobe Acrobat Reader 2017-08-09 Memory Corruption CVE-2017-3016 Adobe Security
riusksk Adobe Adobe Digital Editions 2017-08-09 Memory Corruption CVE-2017-11280 Adobe Security
riusksk Apple macOS 2017-07-20 Out-of-Bounds CVE-2017-7015 Apple Security
riusksk Apple macOS 2017-07-20 Out-of-Bounds CVE-2017-7016 Apple Security
riusksk Apple macOS 2017-07-20 Stack Overflow CVE-2017-7033 Apple Security
Zhiyang Zeng Apple Safari 2017-07-20 Memory Corruption CVE-2017-7019 Apple Security
Xiling Gong Google Android 2017-07-06 Information Disclosure CVE-2017-0708 Android Security
Xbalien Google Android 2017-07-06 Elevation of privilege CVE-2017-0704 Android Security
Xbalien Google Android 2017-07-06 Information Disclosure CVE-2017-0669 Android Security
Xiling Gong Google Chrome 2017-06-16 Out-of-Bounds CVE-2017-5088 Chrome Security
riusksk Adobe Adobe Digital Editions 2017-06-14 Out-of-Bounds CVE-2017-3093 Adobe Security
riusksk Adobe Adobe Digital Editions 2017-06-14 Stack Overflow CVE-2017-3094 Adobe Security
riusksk Adobe Adobe Digital Editions 2017-06-14 Stack Overflow CVE-2017-3095 Adobe Security
riusksk Adobe Adobe Digital Editions 2017-06-14 Memory Corruption CVE-2017-3096 Adobe Security
Zhiyang Zeng Google Chrome 2017-06-05 Logical Vulnerability CVE-2017-5085 Chrome Security
Xiling Gong Google Android 2017-06-05 Elevation of privilege CVE-2017-8236 Android Security
Zhiyang Zeng & Yuyang Zhou Apple Safari 2017-05-16 URL Spoofing CVE-2017-2500 Apple Security
Zhiyang Zeng Apple Safari 2017-05-16 URL Spoofing CVE-2017-2511 Apple Security
Xiling Gong Google Android 2017-05-05 Elevation of privilege CVE-2017-0597 Android Security
riusksk Adobe Acrobat Reader 2017-04-12 Out-of-Bounds CVE-2017-3040 Adobe Security
riusksk Adobe Acrobat Reader 2017-04-12 Memory Corruption CVE-2017-3039 Adobe Security
kimyok Adobe Acrobat Reader 2017-04-12 Memory Corruption CVE-2017-3017 Adobe Security
kimyok Adobe Acrobat Reader 2017-04-12 Memory Corruption CVE-2017-3018 Adobe Security
kimyok Adobe Acrobat Reader 2017-04-12 Memory Corruption CVE-2017-3024 Adobe Security
kimyok Adobe Acrobat Reader 2017-04-12 Memory Corruption CVE-2017-3025 Adobe Security
kimyok Adobe Acrobat Reader 2017-04-12 Memory Corruption CVE-2017-3065 Adobe Security
Zhiyang Zeng / MyBB 2017-04-04 XSS CVE-2017-8103 CVE ORG
Zhiyang Zeng / MyBB 2017-04-04 Directory Traversal CVE-2017-8104 CVE ORG
riusksk Apple macOS/iOS 2017-03-28 Heap Overflow CVE-2017-2379 Apple Security
riusksk Apple macOS/iOS 2017-03-28 Denial of Service CVE-2017-2417 Apple Security
riusksk Apple macOS/iOS 2017-03-28 Out-of-Bounds CVE-2017-2487 Apple Security
riusksk Apple macOS/iOS 2017-03-28 Memory Corruption CVE-2017-2406 Apple Security
riusksk Apple macOS/iOS 2017-03-28 Memory Corruption CVE-2017-2407 Apple Security
kimyok Apple macOS 2017-03-28 Memory Corruption CVE-2017-2431 Apple Security
kimyok Apple macOS 2017-03-28 Double Free CVE-2017-2435 Apple Security
Yuyang Zhou Apple Safari 2017-03-28 URL Spoofing CVE-2017-2376 Apple Security
深夜饮酒 Apple Safari 2017-03-28 HTTP Authentication Spoofing CVE-2017-2389 Apple Security
Nicky Huawei EMUI 2017-03-23 Bluetooth Unlock Bypassing CVE-2017-2728 Security Advisories
zhaohuan Apple mfi.apple.com 2017-03-07 Server Configuration - Apple Security
zhaohuan Apple developer.apple.com 2017-03-07 Server Configuration - Apple Security
zhaohuan Apple ara.apple.com 2017-03-07 Server Configuration - Apple Security
riusksk Foxit Foxit Reader 2017-03-02 Memory Corruption CVE-2017-5989 Security Bulletins
Nicky Huawei EMUI 2017-02-23 Remote Code Execution CVE-2017-2699 Security Advisories
riusksk Adobe Acrobat Reader 2017-02-16 Heap Overflow CVE-2017-2959 Adobe Security
Peter Pi Qualcomm Android 2017-02-16 Elevation of Privilege CVE-2018-11047 Qualcomm Security
Peter Pi Qualcomm Android 2017-02-16 Elevation of Privilege CVE-2018-15826 Qualcomm Security
Nicky LineCorp Line 2017-01-13 Cross Site Script / HallofFame
Xbalien Google Android 2017-01-04 Elevation of Privilege CVE-2017-0395 Android Security
riusksk / libarchive 2016-12-29 Use After Free CVE-2016-10080 CVE ORG
Neargle Flask Flask 2016-12-24 Cross Site Script CVE-2016-10516 Flask Security
kimyok / libwebp 2016-12-16 Memory Corruption CVE-2016-9969 CVE ORG
riusksk Apple macOS/iOS 2016-12-14 Out-of-Bounds CVE-2016-7595 Apple Security
riusksk Apple macOS/iOS 2016-12-14 Out-of-Bounds CVE-2016-4691 Apple Security
riusksk Apple macOS 2016-12-14 Memory Corruption CVE-2016-7618 Apple Security
riusksk Apple macOS 2016-12-14 Memory Corruption CVE-2016-7622 Apple Security
riusksk / giflib 2016-12-13 Out-of-Bounds CVE-2016-9944 CVE ORG
riusksk / OpenJPEG 2016-12-07 Memory Corruption CVE-2016-9890 CVE ORG
Xbalien Google Android 2016-12-06 Elevation of Privilege CVE-2016-6771 Android Security
riusksk / libxml2 2016-12-05 Out-of-Bounds CVE-2016-9833 CVE ORG
kimyok Google pdfium 2016-12-04 Out-of-Bounds CVE-2016-9805 CVE ORG
riusksk / OpenJPEG 2016-12-01 Memory Corruption CVE-2016-9753 CVE ORG
kimyok Google VRCore 2016-11-30 Auth Bypass / Google VRP
kimyok Google syncadapters 2016-11-19 Auth Bypass CVE-2019-9281 Google VRP
Nicky / ExponentCMS 2016-11-11 SQL Injection CVE-2016-9272 Github Issue
askyshang Google Android 2016-11-01 Denial of service CVE-2016-6713 Android Security
riusksk Apple Mac OS X 2016-09-21 Memory Corruption CVE-2016-4779 HT207170
riusksk Apple Xcode 2016-09-14 Memory Corruption CVE-2016-4705 HT207140
Yuyang Zhou Google Chrome 2016-08-21 Scheme bypass CVE-2016-5193 Google Security
Yuyang Zhou Mozilla Firefox 2016-08-04 same-origin policy bypass CVE-2016-5291 Mozilla Security
深夜饮酒 Google Chrome 2016-07-21 Content-Security-Policy bypass CVE-2016-5135 Chrome Security
Xiling Gong Google Android 2016-07-07 Elevation of privilege CVE-2016-3745 Android Security
Xiling Gong Google Android 2016-06-06 Information Disclosure CVE-2016-2499 Android Security
Nicky Lenovo ShareIt 2016-05-19 UXSS CVE-2016-4783 LEN-6421
Nicky Lenovo ShareIt 2016-05-19 Intent Scheme URL attack CVE-2016-4782 LEN-6421
riusksk / libgd 2016-05-01 Double Free CVE-2016-4413 libgd bug 208
Nicky / dotCMS 2016-04-12 SQL Injection CVE-2016-2355 dotCMS SI-35
riusksk / libav 2016-03-18 Memory Corruption CVE-2016-3184 libav bug 930
riusksk Yahoo WebMail 2016-03-18 XSS / Hackerone
riusksk / libav 2016-03-11 Memory Corruption CVE-2016-3062 libav bug 929
riusksk Adobe Flash Player 2016-03-11 Memory Corruption CVE-2016-0992 APSB16-08
Do9gy / Cacti 2016-03-07 SQL Injection CVE-2016-3172 Cacti 0002667
zhaohuan / JiveSoftware 2016-02-03 Directory Traversal CVE-2016-2534 EDB-ID 39405
riusksk / libtiff 2015-12-28 Heap Overflow CVE-2015-8668 Redhat Bug 129425
Do9gy / phpMyAdmin 2015-12-25 Info Leak CVE-2015-8669 PMASA-2015-6
riusksk && monster Lakala Lakala POS 2015-10-24 Access Control Weakness / GeekPwn2015
riusksk Suning ifPay 2015-10-24 Remote Code Execution / GeekPwn2015
zhuliang iBoxPay iBoxPay POS 2015-10-24 Access Control Weakness / GeekPwn2015
nicky ChangDi Changdi Smart Oven 2015-10-24 Authentication Bypass / GeekPwn2015
Gmxp DJI Phantom Drone 2015-10-24 Authentication Bypass / GeekPwn2015
Gmxp Apple XcodeGhost 2015-09-12 Backdoor / TSRC Blog
monster Yeahka Yeahka POS 2014-12-23 Access Control Weakness / GeekPwn2014
riusksk Konke Konke Smart Plug 2014-10-24 Authentication Bypass / GeekPwn2014
monster Baidu iermu Camera 2014-10-24 Authentication Bypass / GeekPwn2014
Gmxp Sciener Sciener Smart Door Lock 2014-10-24 Info Leak & Authentication Bypass / GeekPwn2014
zhaohuan Ebay WebSite 2014-06-10 Remote Code Execution / Ebay
zhaohuan Yahoo WebSite 2014-04-01 Remote Code Execution / Hackerone
zhaohuan Evernote WebSite 2014-04-01 Remote Code Execution / Evernote
dragonltx Apple QuickTime Player 2014-02-25 Heap Overflow CVE-2014-1249 HT202932
riusksk Alibaba WebSite 2014-01-11 Multiple Dom XSS / ASRC
riusksk NetEase WebSite 2013-07-17 Multiple Remote Code Execution / NSRC
riusksk Baidu WebSite 2013-07-17 Multiple Remote Code Execution / BSRC
riusksk Baidu WebSite 2013-07-03 Multiple SQL Injection / BSRC
riusksk Microsoft DirectShow 2013-02-12 Heap Overflow CVE-2013-0077 MS13-011
zhaohuan PayPal WebSite 2013-02-11 Multiple XSS / Paypal
riusksk NetEase WebSite 2013-01-17 Multiple Dom XSS / NSRC
xti9er && chouqiu / phpMyAdmin && SourceForge 2012-09-25 Backdoor CVE-2012-5159 PMASA-2012-5 SourceForge blog
zhaohuan Microsoft WebSite 2012-01-01 SQL Injection && XSS / Microsoft
lake2 Adobe Flash Player 2011-01-01 Cross-domain Policy Bypass CVE-2011-2458 APSB11-28
lake2 Adobe Flash Player 2009-07-30 Heap Overflow CVE-2009-1862 APSB09-10
Join Us

If you...

1. are passionate about ethical hacking

2. are good at vulnerability hunting and exploitation

3. are willing to contribute your expertise to protect billions of Internet users

Please join us! Do ethical hacking, become a hero and enjoy the rewards!