___        /  /\    
      /__/\      /  /::\   
      \__\:\    /  /:/\:\  
      /  /::\  /  /:/  \:\ 
   __/  /:/\/ /__/:/ \__\:\
  /__/\/:/~~  \  \:\ /  /:/
  \  \::/      \  \:\  /:/ 
   \  \:\       \  \:\/:/  
    \__\/        \  \::/   
                  \__\/    
header
This page somewhat cynically celebrates the relatively new trend of giving bugs more memorable names and logo designs.



Logo bugs

heartbleed         apr 2014 CVE-2014-0160     OpenSSL rarely used heartbeat functionality leaks memory which can include private keys
shellshock         sep 2014 CVE-2014-6271+    bash: controlling an env variable equals code execution due to parse error
GHOST              jan 2015 CVE-2015-0235     glibc gethostbyname
misfortune cookie  feb 2015 CVE-2014-9222     dsl isp router authentication bypass
venom              may 2015 CVE-2015-3456     qemu emulated floppy drive, vm escape
stagefright        jul 2015 CVE-2015-1538+    android, various bug in stagefright library, code execution when viewing untrusted media
drownattack        feb 2016 CVE-2016-0800     openssl bleichenbacher attack on sslv2 leaks private key, often same as tls key
badlock            mar 2016 CVE-2016-2118     smb/samba bug, SAMR and LSA mitm
ImageTragick       may 2016 CVE-2016-3714     ImageMagick, possible to craft files which when converted execute code
phwned             may 2016 none              privilege escalation admin->root in specific android VOIP devices.
httpoxy            jul 2016 CVE-2016-5385+    CGI HTTP_PROXY env var conflicts 
sweet32            aug 2016 CVE-2016-2183+    Birthday attacks on 64-bit block ciphers in TLS and OpenVPN
dirtycow           oct 2016 CVE-2016-5195     Linux kernel privilege escalation
blacknurse         nov 2016 none              icmp type 3 code 3 DoS attack
pwnscriptum        dec 2016 CVE-2016-10033    PHPMailer - Remote Code Execution (possibly/probably miscredited)
ticketbleed        feb 2017 CVE-2016-9244     heartbleed like vulnerability in BIG-IP appliances
shattered          feb 2017                   full sha1 collision
cloudbleed         feb 2017                   cloudflare leaking PII customer data to the internet
biterrant          mar 2017                   pointing out sha1 is used in bittorrent. The actual threat is exagerated.
riddle             mar 2017 CVE-2017-3305     mysql ssl client/server connections are mitm'able
DoubleAgent        mar 2017 CVE-2017-5567+    microsoft application verifier hijack, allowing to misappropriate AV
Ring-Road          apr 2017                   QUIC protocol leaking password length
stringbleed        apr 2017 CVE 2017-5135     SNMP auth bypass (allegedly)
antbleed           apr 2017                   miner device firmware allows remote disabling
ghostbutt          apr 2017 CVE-2017-8291     Artifex Ghostscript -dSAFER bypass (allegedly) 
rtpbleed           sep 2017                   mitm sip calls, without being in the middle due to how rtp proxies deal with NAT
ROBOT              dec 2017 CVE-2017-17428+   Bleichenbacher's Oracle, again in pcks1.5
meltdown           jan 2018 CVE-2017-5754     speculative execution sidechannel leaking memory from pages marked supervisor via cache
spectre            jan 2018 CVE-2017-5753+    speculative execution sidechannel leaking memory from a victim process on the same CPU
holeybeep          apr 2018 CVE-2018-0492     local privilege escalation allegedly. (less common) suid binary beep.
sirenjack          apr 2018                   ati systems' sirens can be activated without encryption
efail              may 2018 CVE-2017-17688+   two bugs in how pgp is handled in mail clients, and cipher block chaining
dynoroot           may 2018 CVE-2018-1111     redhat dhcp client remote root code execution by malicious dhcp server
zipperdown         may 2018                   alleged app boundary violation in iOS
zipslip            jun 2018 CVE-2018-1002203+ zip file overwrite aka the old ..\..\
wavethrough        jun 2018 CVE-2018-8235     html media element making no-cors requests in unsafe way
RAMPAGE            jun 2018 CVE-2018-9442     android app seperation bypass
foreshadow         aug 2018 CVE-2018-3615     speculative execution bugs allowing to read sgx, smm, ..
bleedingbit        nov 2018 CVE-2018-16986+   Bugs in bluetooth low energy implementations, alleged rce
dragonblood        apr 2019                   various weaknesses in the uncommon WPA3 standard
Thrangrycat        may 2019 CVE-2019-1649+    Bypass Cisco's Trust Anchor module
zombieload         may 2019 CVE-2018-12130    Speculative execution intel leaking sgx and vm from root
mds                may 2019 CVE-2018-12130+   Speculative execution intel sidechannels
rambleed           jun 2019 CVE-2019-0174     rowhammer; physical address space
plundervolt        dec 2019 CVE-2019-11157    undervolting as a means to influence sgx
cablehaunt         jan 2020 CVE-2019-19494+   cable modem firmware buffer overflow
cacheout           jun 2020 CVE-2020-0549+    intel sepculative execution bug based on cache eviction
boothole           jul 2020 CVE-2020-10713    grub2 / uefi bypass secure boot
revolte            aug 2020                   attack to decrypt lte
platypus           nov 2020 CVE-2020-8694+    power sidechannel, RAPL accessible from unprivileged user, breaks aesni/sgx/etc
saddns             nov 2020 CVE-2020-25705    icmp global rate limit causes sidechannel exposing source port of dns querry reducing entropy, allowing dns cache poisoining
fragattacks        may 2021 CVE-2020-24586+   multiple design and implementation flaws in WPA2 and WPA3.
m1racles           may 2021 CVE-2021-30747    read/writable register on Apple M1 arm cpu that is not properly isolated between processes
alpaca             jun 2021 CVE-2021-31971    TLS multi protocol confusion with subdomains
sequoia            jul 2021 CVE-2021-33909    local linux privesc, kernel bug large file path
cipherleak         aug 2021 CVE-2020-12966    AMD SEV-SNP sidechannel. reading ciphertext leads to infoleak
spook.js           sep 2021                   Spectre mitigation in chrome bypass
omigod             sep 2021 CVE-2021-38647+   Azure's OpenManagementInterface remote code execution bugs
smashex            oct 2021 CVE-2021-0186+    intel SGX compromise enclaves
hertzbleed         jun 2022 CVE-2022-23823+   Using frequency scaling of modern cpu as a side channel
rolling-pwn        jul 2022 CVE-2022-46145    Honda cars allowing to roll back the rolling key counter
acropalypse        mar 2023 CVE-2023-21036    Information leakage from Pixel screenshot censor tool
tetraburst         aug 2023 CVE-2022-24401+   Radio Communication network technology used by law enforcement broken crypto
5ghoul             dec 2023 CVE-2023-33043+   family of implementation-level 5G vulnerabilities
terrapin           dec 2023 CVE-2023-48795+   prefix truncation attack on SSH

Named bugs

named bugs without logo:
shatter         dec 2002 MS02-071      WM_TIMER Message Handling privesc
BEAST           sep 2011 CVE-2011-3389 ssl cbc weakness, made people use rc4
CRIME           sep 2012 CVE-2012-4929 ssl info leakage by using chosen plain text and compression size
lucky13         feb 2013 CVE-2013-0169 ssl cbc timing oracle (the fix caused the worse bug: CVE-2016-2107)
BREACH          aug 2013 CVE-2013-3587 ssl compression info leakage
POODLE          oct 2014 CVE-2014-3566 ssl cbc mitm force downgrade to sslv3
rc4nomore       aug 2015               stop people using rc4
FREAK           may 2015 CVE-2015-0204 ssl mitm force use "exportgrade rsa" 512 bit keys.
logjam          may 2015 CVE-2015-4000 dh a lot of software only used one of a small set of weak (<=1024 bit) primes
rowhammer       jul 2015 CVE-2015-0565 induce faults in physically nearby rows of DRAM possibly belonging to higher priv process
cachebleed      mar 2016 CVE-2016-0702 ssl sidechannel using cache-banks pre haswell cpus
badTunnel       jun 2016 CVE-2016-3236 MS16-077 massive WPAD privilege escalation
HEIST           aug 2016               BREACH/CRIME from browser using malicious javascript (allegedly)
quadrooter      aug 2016               android rooting bugs(provisional)
drammer         oct 2016 CVE-2016-6728 rowhammer for ARM/mobile
LOBSTER         nov 2016 CVE-2016-1000031 serialisation in apache remote exec 
Devil's Ivy     jul 2017 CVE-2017-9765 rce allegedly in library code from gSOAP
KRACK           nov 2017               wpa handshake problems. 
Please Stop Naming Vulnerabilities     nov 2017 Android kernel bugs
PortSmash       nov 2018 CVE-2018-5407 sidechannel in intel chips with hyperthreading

Satire bugs

This new trend, and in particular the mismatch between hype and severity of some of these bugs has drawn a lot of criticism. and spawned satirical bugs.


BACKRONYM NoToken sadlock Twitbleed


Please let us know if any of these are POE-days [(c) brainsmoke].

Disclamer

This list does not make any claims about the noteworthyness of these bugs. It also strongly refutes the notion that all bugs with a logo are overhyped. Some have won a pwnie for best bug, some for most overhyped bug.

The license of these logos is not always clear, it is however our understanding that the inclusion on this page falls under fair use. More importantly even intended use. However, if you own any of the rights on one of these logos and would like to see it removed contact us at blapost@gmail.com and it will be removed immediately.

The list is incomplete, and may contain flaws.

bla