Bishop Fox named “Leader” in 2024 GigaOm Radar for Attack Surface Management. Read the Report ›

Meet the Author

Chris Davis Senior Security Consultant

Chris Davis is a Senior Security Consultant at Bishop Fox. His areas of expertise are application penetration testing (static and dynamic) and external network penetration testing.

Chris actively conducts independent security research and has been credited with the discovery of 40 CVEs (including CVE-2019-7551 and CVE-2018-17150) on enterprise-level, highly distributed software. The vulnerabilities he identified included remote code execution and cross-site scripting (XSS).

Chris completed the Cybersecurity Training Program at SecureSet Academy in addition to coursework at Metropolitan State University of Denver.

Security Research:

LEXSS: Bypassing Lexical Parsing Security Controls

CVEs Discovered:

  1. CVE-2018-17150
  2. CVE-2018-17151
  3. CVE-2018-17152
  4. CVE-2019-7551
  5. CVE-2019-8371
  6. CVE-2019-8368
  7. CVE-2019-15936
  8. CVE-2019-16246
  9. CVE-2019-15930
  10. CVE-2019-15931
  11. CVE-2019-15932
  12. CVE-2019-15933
  13. CVE-2019-15935
  14. CVE-2019-15934
  15. CVE-2020-11436
  16. CVE-2019-17428
  17. CVE-2019-19632
  18. CVE-2019-19631
  19. CVE-2020-9437
  20. CVE-2020-11438
  21. CVE-2020-11439
  22. CVE-2020-11437
  23. CVE-2020-12648
  24. CVE-2020-15950
  25. CVE-2020-15951
  26. CVE-2020-15952
  27. CVE-2020-16257
  28. CVE-2020-16256
  29. CVE-2020-16261
  30. CVE-2020-16262
  31. CVE-2020-16263
  32. CVE-2020-16260
  33. CVE-2020-16258
  34. CVE-2020-16259
  35. CVE-2020-15949
  36. CVE-2020-27637
  37. CVE-2021-26990
  38. CVE-2021-26991
  39. CVE-2021-26992
  40. CVE-2021-28114

Chris Davis

Posts from Chris Davis

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.