Introduction This is my report of CVEs (Common Vulnerabilities and Exposures) while I was in Viettel Cyber Security as an Software Exploitation Intern Detail: This repo include 3 CVEs: CVE-2015-1701: A Win32k LPE vulnerability used in APT attack CVE-2017-5375: JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attack