exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 84 RSS Feed

Files from Glazvunov

Email addressglazunov at google.com
First Active2019-04-01
Last Active2024-01-26
Chrome content::NavigationURLLoaderImpl::FallbackToNonInterceptedRequest Heap Use-After-Free
Posted Jan 26, 2024
Authored by Google Security Research, Glazvunov

Chrome suffers from a heap use-after-free vulnerability in content::NavigationURLLoaderImpl::FallbackToNonInterceptedRequest.

tags | exploit
advisories | CVE-2023-6112
SHA-256 | 5991378cd81b0bd15e90459d13e7396782910b67862cf292906e095dca2e9175
Chrome ReduceJSLoadPropertyWithEnumeratedKey Out-Of-Bounds Access
Posted Oct 5, 2023
Authored by Google Security Research, Glazvunov

Chrome checks in ReduceJSLoadPropertyWithEnumeratedKey are not sufficient to prevent the engine from reading an out-of-bounds index from an enum cache.

tags | exploit
advisories | CVE-2023-4427
SHA-256 | d2720d577ee6196fb4e71365c0315fa67c9c9abb683aa559628add3042c1ecce
Chrome Dangling FixedArray Pointers / Memory Corruption
Posted Oct 5, 2023
Authored by Google Security Research, Glazvunov

Chrome suffers from an issue with dangling FixedArray pointers in Torque that can lead to memory corruption.

tags | exploit
advisories | CVE-2023-4355
SHA-256 | 1bf880f7ba1c3955eba8b9696b7db8f2836b2579a921f40d918c9f7f376eb6da
Chrome Read-Only Property Overwrite
Posted Sep 15, 2023
Authored by Google Security Research, Glazvunov

Chrome suffers from a read-only property overwrite in TurboFan.

tags | exploit
advisories | CVE-2023-4352
SHA-256 | 339e46027cc8b8c66cb28ff3c463ad6c47cf6f8ffb6529887e6307d9537ad24c
Chrome device::OpenXrApiWrapper::InitSession Heap Use-After-Free
Posted Jul 17, 2023
Authored by Google Security Research, Glazvunov

Chrome suffers from a heap use-after-free vulnerability in device::OpenXrApiWrapper::InitSession. Versions affected include Google Chrome 114.0.5735.45 (Official Build) and Chromium 116.0.5806.0 (Developer Build).

tags | exploit
advisories | CVE-2023-3217
SHA-256 | 31d602a3d96e944d063ead1d9fbfca2a6e74125a6f3f1b9fd9de66da1262572c
Chrome V8 Type Confusion
Posted Jun 30, 2023
Authored by Google Security Research, Glazvunov

v8::internal::JSObject::SetAccessor does not check if the receiver is extensible before adding a new property. A potential attacker can exploit the ability to extend non-extensible objects to achieve arbitrary code execution inside the renderer process. Google Chrome version 113.0.5672.63 is affected.

tags | exploit, arbitrary, code execution
advisories | CVE-2023-2936
SHA-256 | 5dea486a3e6ad9015ccd5bcf3a079867756de3fea0de37f9a81a4fdb0213817b
Chrome v8::internal::Object::SetPropertyWithAccessor Type Confusion
Posted Jun 30, 2023
Authored by Google Security Research, Glazvunov

Google Chrome version 112.0.5615.137 and Chromium version 115.0.5737.0 suffer from a type confusion vulnerability in v8::internal::Object::SetPropertyWithAccessor.

tags | exploit
advisories | CVE-2023-2935
SHA-256 | ca1ae2932c65327ead4a64b612c744bc25a9a0ee96064ba953dcf011ba640f7e
Chrome Internal JavaScript Object Access Via Origin Trials
Posted Jun 27, 2023
Authored by Google Security Research, Glazvunov

Chrome suffers from an internal javascript object access vulnerability. suffers from a code execution vulnerability.

tags | exploit, javascript, code execution
advisories | CVE-2023-2724
SHA-256 | ffd1bc4c7c03a984e8cd76542fd8b6610321410abd4663e7c81762fe8f30c5ae
Chrome base::SampleVectorBase::MoveSingleSampleToCounts Heap Buffer Overflow
Posted Apr 10, 2023
Authored by Google Security Research, Glazvunov

Chrome suffers from a heap buffer overflow vulnerability in base::SampleVectorBase::MoveSingleSampleToCounts.

tags | exploit, overflow
advisories | CVE-2023-1220
SHA-256 | 56c179a58f11cc0f38bddec251f01ed9bc46c971de948deee99ccf3ae1bbc48f
Chrome base::debug::ActivityUserData::ActivityUserData Heap Buffer Overflow
Posted Apr 10, 2023
Authored by Google Security Research, Glazvunov

Chrome suffers from a heap buffer overflow vulnerability in base::debug::ActivityUserData::ActivityUserData.

tags | exploit, overflow
advisories | CVE-2023-1219
SHA-256 | bf0edebf8c86d69106bb2e6045c77ad82ba926fd2ae83f98fa7a0b19855f6185
Chrome JSNativeContextSpecialization::BuildElementAccess Bypass
Posted Jan 18, 2023
Authored by Google Security Research, Glazvunov

Chrome suffers from a copy-on-write check bypass in JSNativeContextSpecialization::BuildElementAccess.

tags | exploit
SHA-256 | e557b72be711db4993d6e8b8912d3a2b8d46fe92a763b730da3097b4ad6eb837
Chrome Synchronous Mojo Use-After-Free
Posted Jan 2, 2023
Authored by Google Security Research, Glazvunov

A design flaw in the Chrome Synchronous Mojo message handling introduces unexpected reentrancy and allows for multiple use-after-free vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2022-4178
SHA-256 | 8a4497a8ccb25f14e2dfe008e25cc2f2541b2d1e30345fff6f3169f4cac5313d
Chrome blink::LocalFrameView::PerformLayout Use-After-Free
Posted Nov 25, 2022
Authored by Google Security Research, Glazvunov

Chrome suffers from a heap use-after-free vulnerability in blink::LocalFrameView::PerformLayout due to an incomplete fix for CVE-2022-3199.

tags | exploit
advisories | CVE-2022-3199, CVE-2022-3654
SHA-256 | ede5dbd6ee9c5895a1b02c8bc6cefd5dfe9adef84fd2fceb45bd3140cd0fa16b
Chrome password_manager::WellKnownChangePasswordState::SetChangePasswordResponseCode Use-After-Free
Posted Nov 10, 2022
Authored by Google Security Research, Glazvunov

Chrome suffers from a password_manager::WellKnownChangePasswordState::SetChangePasswordResponseCode heap use-after-free vulnerability.

tags | exploit
advisories | CVE-2022-3842
SHA-256 | 95f6fb186156d8852bfb88cde51b59609bb9e1bb18fedd24876a32ee97f9a6fa
Chrome AccountSelectionBubbleView::OnAccountImageFetched Heap Use-After-Free
Posted Oct 20, 2022
Authored by Google Security Research, Glazvunov

Chrome suffers from a heap use-after-free vulnerability in AccountSelectionBubbleView::OnAccountImageFetched.

tags | exploit
advisories | CVE-2022-2852
SHA-256 | 58250b99dc0491f82cdc58424c569b8f9d2df212310a3407eb9441507e365641
Chrome offline_items_collection::OfflineContentAggregator::OnItemRemoved Heap Buffer Overflow
Posted Oct 20, 2022
Authored by Google Security Research, Glazvunov

Chrome suffers from a heap buffer overflow vulnerability in offline_items_collection::OfflineContentAggregator::OnItemRemoved.

tags | exploit, overflow
advisories | CVE-2022-2853
SHA-256 | a12649cc87b93dc4f1206b4520f0269c90067ff6042cf3fbf667a38af1956ab3
Google Chrome 103.0.5060.53 network::URLLoader::NotifyCompleted Heap Use-After-Free
Posted Oct 3, 2022
Authored by Google Security Research, Glazvunov

Google Chrome version 103.0.5060.53 (Official Build) and Chromium version 105.0.5148.0 (Developer Build) (64-bit) suffer from a network::URLLoader::NotifyCompleted heap use-after-free vulnerability.

tags | exploit
advisories | CVE-2022-3038
SHA-256 | 0a0cfa991a833e133ec250fb094a0a8fff51e2ddc48df648d1193d2e2686ead0
Google Chrome 103.0.5060.53 Autofill Assistant Universal Cross Site Scripting
Posted Oct 3, 2022
Authored by Google Security Research, Glazvunov

Google Chrome version 103.0.5060.53 suffers from an Autofill Assistant universal cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 15976aab9647c7b90f0f40144b888ee5fa37af45baa02bcd0adbe3fc7fae4979
Chrome LinkToTextMenuObserver::CompleteWithError Heap Use-After-Free
Posted Sep 16, 2022
Authored by Google Security Research, Glazvunov

A use-after-free issue exists in Chrome 104 and earlier versions. Processing maliciously crafted web content may lead to arbitrary code execution in the browser process. LinkToTextMenuObserver holds a raw pointer to a RenderFrameHost object, but is not owned by the frame host and does not watch for frame host destruction events. Therefore, if an attacker manages to destroy the frame host right after the observer is created but before the timeout task posted in StartLinkGenerationRequestWithTimeout() is executed, use-after-free will occur.

tags | exploit, web, arbitrary, code execution
advisories | CVE-2022-2998
SHA-256 | 071c2f32b441a15bf0f0c6db3397a3899a646938aeb7df15abb5fc345c9589e8
Chrome content::ServiceWorkerVersion::MaybeTimeoutRequest Heap Use-After-Free
Posted Aug 19, 2022
Authored by Google Security Research, Glazvunov

Chrome suffers from a heap use-after-free vulnerability in content::ServiceWorkerVersion::MaybeTimeoutRequest. Google Chrome version 103.0.5060.53 and Chromium version 105.0.5134.0 are affected.

tags | exploit
advisories | CVE-2022-2480
SHA-256 | a5cedab667714abf085c2a940066ea32b5ec7735eceff8cf7a6da8ce5a4eae7b
Windows sxssrv!BaseSrvActivationContextCacheDuplicateUnicodeString Heap Buffer Overflow
Posted Aug 12, 2022
Authored by Google Security Research, Glazvunov

A heap buffer overflow issue exists in Windows 11 and earlier versions. A malicious application may be able to execute arbitrary code with SYSTEM privileges.

tags | exploit, overflow, arbitrary
systems | windows
advisories | CVE-2022-22049
SHA-256 | cb8f7be542f04c635c86858c21eaa7b6cc6ce03a9209a26428307fdbe1ed92a7
Windows sxs!CNodeFactory::XMLParser_Element_doc_assembly_assemblyIdentity Heap Buffer Overflow
Posted Aug 12, 2022
Authored by Google Security Research, Glazvunov

A heap buffer overflow issue exists in Windows 11 and earlier versions. A malicious application may be able to execute arbitrary code with SYSTEM privileges.

tags | exploit, overflow, arbitrary
systems | windows
advisories | CVE-2020-1027, CVE-2022-22026
SHA-256 | d9d1207247ebb20f56509add11b90166662a5bc61929b7ae0d9356619f52a0b3
Chrome CVE-2022-1096 Incomplete Fix
Posted Jun 20, 2022
Authored by Google Security Research, Glazvunov

Chrome suffers from having an incomplete fix for CVE-2022-1096.

tags | exploit
advisories | CVE-2022-1096, CVE-2022-1232
SHA-256 | a034f87b7b68c9e71d23b3a96392d323625a4e9fd5c2246a143f439e0d73ddee
Chrome 100 extensions::ExtensionApiFrameIdMap::GetFrameId Heap Use-After-Free
Posted May 16, 2022
Authored by Google Security Research, Glazvunov

A use-after-free issue exists in Chrome 100 and earlier versions. A malicious extension can achieve arbitrary code execution in the browser process.

tags | exploit, arbitrary, code execution
advisories | CVE-2022-0972
SHA-256 | 595428413ed6af41648e85f12bfacfc4d3b4b659dea62dab16b66777c9ddb014
Chrome content::DisplayCutoutHostImpl::SendSafeAreaToFrame Use-After-Free
Posted May 9, 2022
Authored by Google Security Research, Glazvunov

A use-after-free issue exists in Chrome 100 and earlier versions. Processing maliciously crafted web content may lead to arbitrary code execution in the browser process.

tags | exploit, web, arbitrary, code execution
advisories | CVE-2022-0971
SHA-256 | 84b488e3a4db5db9d8a3df99b628eaaf0e1c8d462ed33ed2d967d6a09c443252
Page 1 of 4
Back1234Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    6 Files
  • 28
    May 28th
    12 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close