The article details two C/C++ security vulnerabilities based on code challenges. The first is a Linux command injection flaw caused by the inetntoa function's global buffer reuse and inetaton accepting trailing garbage. The second is a Windows driver Local Privilege Escalation (LPE) vulnerability stemming from missing RTLQUERYREGISTRYTYPECHECK flags during RtlQueryRegistryValues API calls. This omission allows attackers to leverage registry type confusion (e.g., using REGBINARY or REGSZ instead of REGDWORD) to overwrite kernel stack memory via writable keys in trusted system hives.