μ΄λν (DongHa Lee)
π 2004.02.18 (22 y.o)
π§ [email protected]
π dongha.xyz
Hi, Iβm DongHa β a passionate vulnerability researcher, CTF challenge author, and bug hunter with a special interest in fuzzing and AI for security. Iβve published CVEs and regularly contribute to security conferences, academic research, and open-source projects.
π Dive into what Iβve done during a magical month:
π December 2022 Activity
- Vuln Research: pwnable, web hacking, reversing, AI, fuzzing, crypto (PQC)
- Languages: C, C++, Python, Rust, x86 ASM, Node.js, CUDA
- Systems: Embedded dev, Docker, Linux Kernel
- CVE-2023-43646 | CVSS 7.5 / CWE-400, CWE-1333 / ReDoS
- CVE-2023-45827 | CVSS 9.8 / CWE-1321 / PP
- CVE-2023-50245 | CVSS 9.8 / CWE-120 / Buffer Copy without Checking Size of Input
- CVE-2024-23339 | CVSS 6.5 / CWE-1321 / PP
- CVE-2024-22526 | CVSS 5.5 / CWE-120 / Buffer Copy without Checking Size of Input
- CVE-2024-27088 | CVSS 5.5 / CWE-400, CWE-1333 / es5-ext(ECMAScript 5 extensions)
- CVE-2024-20746 | CVSS 7.8 / CWE-787 / Adobe Premiere Pro Out-of-bounds Write
- CVE-2024-42358 | CVSS 5.5 / CWE-835 / Loop with Unreachable Exit Condition ( DoS )
- KVE-2024-0820 | find the gap private bug bounty
- KVE-2024-0821 | find the gap private bug bounty
- KVE-2024-0454 | kisa knvd report
- CVE-2024-45870 | CVSS 6.5 / CWE-284 / Improper Access Control
- CVE-2024-45871 | CVSS 6.3 / CWE-20 / Improper Input Validation
- CVE-2024-45872 | CVSS 6.3 / CWE-122 / Heap-based Buffer Overflow
- CVE-2024-44913 | CVSS 5.5 / CWE-284 / Improper Access Control
- CVE-2024-44914 | CVSS 5.5 / CWE-284 / Improper Access Control
- CVE-2024-44915 | CVSS 5.5 / CWE-284 / Improper Access Control
- CVE-2025-4605 | RESERVED Autodesk MAYA 2025 memory corruption
- CVE-2025-24184 | Apple iOS 18.3, visionOS 2.3, watchOS 11.3, tvOS 18.3, macOS Sequoia 15.3 CoreMedia Playback
- Fuzzing & Symbolic Execution - CCA National Information Security Club Association Seminar (2025.02)
- Metaverse FuzzingμΌλ‘ 0-day μ°ΎκΈ° - KUCIS μλ¨κΆ μΈλ―Έλ (2024.10)
- KISA Academy λ²κ·Έ νν λ§μ€ν° κ³Όμ λ©μΈ κ°μ¬ (2024.06)
- Address Sanitizer and Out of Bound vulnerabilities - CCA Seminar (2024.03)
- λμ리 λͺ¨μ ν΄νΉ μ€ν°λ κ°μ(2024)
- λ€νΈμν¬ λ³΄μ μμ μ€μ΅ μ‘°κ΅ (2024)
- ReDoS μ·¨μ½μ νμ§ λꡬμ λν₯ λΆμ λ° κ°μ μ ν΅ν μ·¨μ½μ λΆμ μ°κ΅¬ λ°ν β νκ΅μ 보보νΈνν (2023.11)
- ReDoS μλν νμ§ λ°©λ²λ‘ β KUCIS μκ²½κ° μΈλ―Έλ (2023.09)
- [6/24/2025 CISC λ°ν μμ ] | νκ΅μ 보보νΈνν
- ReDoS μ·¨μ½μ νμ§ λꡬμ λν₯ λΆμ λ° κ°μ μ ν΅ν μ·¨μ½μ λΆμ μ°κ΅¬ | νκ΅μ 보보νΈνν
- νλ‘ν νμ μ€μΌ ν¨ν΄ μ‘°μ¬λ₯Ό ν΅ν Node.js ν¨ν€μ§ μ·¨μ½μ λΆμ μ°κ΅¬ | νκ΅μ 보보νΈνν
- AFL++ opensource contribute
- LKL gpu kernel driver fuzzing project (2024)
- Hspace knights νλ (2024)
- ReBoB NodeBOB ν (2023)
- CTF μΆμ λ° μ΄μ
- μ€λ§νΈκ΅ν΅ μλΉμ€ IoT μ₯μΉ μ·¨μ½μ λΆμ κ³Όμ μν
- κΈ°μ λμ λͺ¨μ μΉ¨ν¬/컨μ€ν
- R&D κ³Όμ λ€μ μ§ν
- μ 2 ν μκΈμκΈ ν΄μ»€ν€ (1st place) (2024.02)
- κ°μ²λνκ΅ κ°μ²μΈμ¬μ (2023.11)
- νκ΅μ 보보νΈνν μ°μ λ Όλ¬Έμ (2023.11)
- μ λ³΄λ³΄νΈ μ μ± μ μ 곡λͺ¨μ (λ³Έμ μ§μΆ) (2023.10)
- μ 1 ν μκΈμκΈ ν΄μ»€ν€ (3rd place) (2023.09)
- κ°μ²λνκ΅ μ»΄ν¨ν°κ³΅νλΆ μ€λ§νΈλ³΄μμ 곡 (2023λ 3μ ~ )
- νμκ³ λ±νκ΅ μ‘Έμ
- SSA LAB β νλΆ μ°κ΅¬μ (2025λ 1μ ~ νμ¬)
- Speech Tools β S/W engineer (2024λ 3μ ~ 2024λ 9μ)
- ZeroPointer β CEO (2023λ 6μ ~ 2024λ 9μ)
- Pay1oad β λΆνμ₯ (2025λ )
- Pay1oad β λΆνμ₯ (2024λ )
- ZeroPointerLab β νμ₯ (2024λ )
- Pay1oad β κ΅μ‘ νμ₯ (2023λ 6μ)
- π§ Email : [email protected]
- πΌ LinkedIn : linkedin.com/in/0x0dongha
- π§βπ» GitHub : GAP-dev