Twenty Year Anniversary
Showing 1 - 25 of 113 RSS Feed

Files from lokihardt

First Active2017-02-24
Last Active2018-05-18
Microsoft Edge Chakra JIT Bounce Check Elimination Bug
Posted May 18, 2018
Authored by Google Security Research, lokihardt

Chakra uses the InvariantBlockBackwardIterator class to backpropagate the information about the hoisted bound checks. But the class follows the linked list instead of the control flow. This may lead to incorrectly remove the bound checks.

tags | exploit
advisories | CVE-2018-0980
MD5 | 09442d487262053ca44c67ade9eacecb
Chrome V8 ObjectDescriptor Class Bug
Posted May 4, 2018
Authored by Google Security Research, lokihardt

Chrome V8 has a bug in the ObjectDescriptor class.

tags | advisory
MD5 | eb7d7ce8d537b4c677c0f9783ad86bd4
Google Chrome V8 AwaitedPromise Update Bug
Posted Apr 26, 2018
Authored by Google Security Research, lokihardt

Google Chrome V8 Await methods call ResolveNativePromise which calls InternalResolvePromise which can invoke a user JavaScript code through a "then" getter. If the AwaitedPromise is replaced by the user script, the AwaitedPromise will be immediately overwritten after the call to Await, this may lead the generator to an incorrect state.

tags | exploit, javascript
advisories | CVE-2018-6106
MD5 | eb56f2216b0ca1318d166d23fcad7b4c
Google Chrome V8 Arrow Function Scope Fixing Bug
Posted Apr 26, 2018
Authored by Google Security Research, lokihardt

Google Chrome V8 suffers from an arrow function scope fixing bug.

tags | exploit
MD5 | 4d52efa2602d737aaf7180cc2543c06c
Chrome V8 JIT NodeProperties::InferReceiverMaps Type Confusion
Posted Apr 21, 2018
Authored by Google Security Research, lokihardt

Chrome V8 JIT suffers from a NodeProperties::InferReceiverMaps type confusion vulnerability.

tags | exploit
MD5 | d8ca369d4de256bff5cc0437ef5167b1
Chrome V8 JIT LoadElimination::ReduceTransitionElementsKind Bug
Posted Apr 11, 2018
Authored by Google Security Research, lokihardt

Chrome V8 JIT has a bug in LoadElimination::ReduceTransitionElementsKind.

tags | exploit
MD5 | 29850b01c4442ac8e9f2a4fed323efe8
Microsoft Edge Charka JIT Incomplete Fix For Issue 1420 #2
Posted Apr 3, 2018
Authored by Google Security Research, lokihardt

A security fix applied for Microsoft Edge Chakra JIT is incomplete.

tags | exploit
advisories | CVE-2018-0934
MD5 | 6099c93a3f08c4e81ed7de84882cba0a
Microsoft Edge Charka JIT Incomplete Fix For Issue 1420
Posted Apr 3, 2018
Authored by Google Security Research, lokihardt

A security fix applied for Microsoft Edge Chakra JIT is incomplete.

tags | exploit
advisories | CVE-2018-0933
MD5 | dc6e350de68f5b22d4f1cdba5404821b
Chrome V8 Genesis::InitializeGlobal Bugs
Posted Apr 3, 2018
Authored by Google Security Research, lokihardt

Chrome V8 has multiple bugs in Genesis::InitializeGlobal.

tags | exploit
MD5 | 0b5c156e751faddf1932eeb73dcaf083
Chrome V8 ElementsAccessorBase::CollectValuesOrEntriesImpl Type Confusion
Posted Apr 3, 2018
Authored by Google Security Research, lokihardt

Chrome V8 suffers from a type confusion vulnerability in ElementsAccessorBase::CollectValuesOrEntriesImpl.

tags | exploit
advisories | CVE-2018-6064
MD5 | e92050fc25960e3ebedf1862a29f2346
Chrome V8 JIT GetSpecializationContext Type Confusion
Posted Mar 5, 2018
Authored by Google Security Research, lokihardt

Chrome V8 JIT suffers from a type confusion vulnerability in GetSpecializationContext.

tags | exploit
MD5 | c1e3d25702ab92ccc6b9e4fa26a23ca8
Chrome V8 JIT JSBuiltinReducer::ReduceObjectCreate NULL Check Fail
Posted Mar 5, 2018
Authored by Google Security Research, lokihardt

Chrome V8 JIT JSBuiltinReducer::ReduceObjectCreate fails to ensure that the prototype is "null".

tags | exploit
MD5 | 96db4756a94460953b8651efe3b9243c
Chrome V8 Out-Of-Bounds Read
Posted Mar 5, 2018
Authored by Google Security Research, lokihardt

Chrome V8 has an empty BytecodeJumpTable that may lead to an out-of-bounds read.

tags | exploit
MD5 | 3ec3eecf67ab73ca7415c975c50dffbb
Chrome V8 JIT Optmization Bug
Posted Mar 5, 2018
Authored by Google Security Research, lokihardt

Chrome V8 JIT suffers from a simplified-lowererer IrOpcode::kStoreField, IrOpcode::kStoreElement optimization bug.

tags | exploit
MD5 | cf482c8ffa69e71cd5fd8a7fedeea173
Chrome V8 PropertyArray Integer Overflow
Posted Feb 26, 2018
Authored by Google Security Research, lokihardt

Chrome V8 suffers from an integer overflow vulnerability with PropertyArray.

tags | exploit, overflow
MD5 | a744b96818e7fa9056019e277794d0ce
Chrome V8 TranslatedState::MaterializeCapturedObjectAt Caching Bug
Posted Feb 26, 2018
Authored by Google Security Research, lokihardt

Chrome V8 suffers from a TranslatedState::MaterializeCapturedObjectAt caching bug.

tags | exploit
MD5 | 674af9848d79bb89d0a7a0de3e4d7028
Microsoft Edge Chakra JIT CallRegExSymbolFunction Return Check Fail
Posted Feb 26, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT fails to check the return type in CallRegExSymbolFunction.

tags | exploit
MD5 | b730434f94ef176ac17055fa8c62695c
Microsoft Edge Chakra JIT NewScObjectNoCtor Array Type Confusion
Posted Feb 15, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from an array type confusion via NewScObjectNoCtor.

tags | exploit
advisories | CVE-2018-0838
MD5 | b346efc94524402d160194830a4e23a7
Microsoft Edge Chakra JIT Incomplete Fix
Posted Feb 15, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from a bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2018-0770
MD5 | a1bcc09777f48b460ea48c8fe2b4e014
Microsoft Edge Chakra JIT Array.prototype.reverse Array Type Confusion
Posted Feb 15, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT from an array type confusion via Array.prototype.reverse.

tags | exploit
advisories | CVE-2018-0835
MD5 | ec83af991398b5a16f596517c5cffe53
Microsoft Edge Chakra JIT InitProto Array Type Confusion
Posted Feb 15, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from an array type confusion via InitProto instructions.

tags | advisory
advisories | CVE-2018-0834
MD5 | 7de1dee9e15dcb8d4a1750bf8753cab0
Microsoft Edge Chakra JIT Escape Analysis Bug
Posted Feb 15, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT escape analysis bug #2.

tags | exploit
advisories | CVE-2018-0860
MD5 | 95ea3c7500bedcd3b29eea81e6d8b9de
Microsoft Edge Chakra JIT ImplicitCallFlags Checks Bypass
Posted Feb 15, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from an ImplicitCallFlags checks bypass vulnerability.

tags | advisory, bypass
advisories | CVE-2018-0840
MD5 | 7c60809db202d943e78cfc2a70359dc0
Microsoft Edge Chakra JIT LdThis Type Confusion
Posted Feb 15, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from an LdThis type confusion vulnerability.

tags | exploit
advisories | CVE-2018-0837
MD5 | 24f96c408071fcd626fc4ff4726c8d8d
Chrome V8 Runtime_RegExpReplace Integer Overflow
Posted Feb 15, 2018
Authored by Google Security Research, lokihardt

Chrome V8 suffers from a Runtime_RegExpReplace integer overflow vulnerability.

tags | exploit, overflow
MD5 | 6eecead5f17d54fb399a387633a037f1
Page 1 of 5
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

May 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    15 Files
  • 2
    May 2nd
    17 Files
  • 3
    May 3rd
    30 Files
  • 4
    May 4th
    29 Files
  • 5
    May 5th
    2 Files
  • 6
    May 6th
    3 Files
  • 7
    May 7th
    13 Files
  • 8
    May 8th
    27 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    15 Files
  • 11
    May 11th
    8 Files
  • 12
    May 12th
    2 Files
  • 13
    May 13th
    8 Files
  • 14
    May 14th
    7 Files
  • 15
    May 15th
    43 Files
  • 16
    May 16th
    19 Files
  • 17
    May 17th
    16 Files
  • 18
    May 18th
    15 Files
  • 19
    May 19th
    3 Files
  • 20
    May 20th
    6 Files
  • 21
    May 21st
    15 Files
  • 22
    May 22nd
    3 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close