exploit the possibilities
Showing 1 - 25 of 1,230 RSS Feed

Files from Google Security Research

First Active2000-02-18
Last Active2019-01-15
Microsoft Windows COM Desktop Broker Privilege Escalation
Posted Jan 15, 2019
Authored by James Forshaw, Google Security Research

Microsoft Windows suffers from a COM Desktop Broker privilege escalation vulnerability.

tags | exploit
systems | windows
advisories | CVE-2019-0552
MD5 | 33bec631eeba1af2a94a0e9dbba06bd0
Microsoft Windows Browser Broker Cross Session Privilege Escalation
Posted Jan 15, 2019
Authored by James Forshaw, Google Security Research

Microsoft Windows suffers from a Browser Broker cross session privilege escalation vulnerability.

tags | exploit
systems | windows
advisories | CVE-2019-0566
MD5 | 229198c64a95f918f122595f4ee355a9
Microsoft Windows DSSVC MoveFileInheritSecurity Privilege Escalation
Posted Jan 15, 2019
Authored by James Forshaw, Google Security Research

Microsoft Windows suffers from DSSVC MoveFileInheritSecurity privilege escalation vulnerabilities.

tags | exploit, vulnerability
systems | windows
advisories | CVE-2019-0574
MD5 | 66e30ac5fe6b293e058c5267f533b4ef
Microsoft Windows DSSVC CanonicalAndValidateFilePath Security Feature Bypass
Posted Jan 15, 2019
Authored by James Forshaw, Google Security Research

Microsoft Windows suffers from a DSSVC CanonicalAndValidateFilePath security feature bypass vulnerability.

tags | exploit, bypass
systems | windows
advisories | CVE-2019-0571
MD5 | 47b391aa29c8007a02ea421b578013c9
Microsoft Windows DSSVC DSOpenSharedFile Arbitrary File Delete Privilege Escalation
Posted Jan 15, 2019
Authored by James Forshaw, Google Security Research

Microsoft Windows suffers from a DSSVC DSOpenSharedFile arbitrary file delete privilege escalation vulnerability.

tags | exploit, arbitrary
systems | windows
advisories | CVE-2019-0573
MD5 | b222cf88f9572d3d9f640ba2ca02e3d4
Microsoft Windows DSSVC DSOpenSharedFile Arbitrary File Open Privilege Escalation
Posted Jan 15, 2019
Authored by James Forshaw, Google Security Research

Microsoft Windows suffers from a DSSVC DSOpenSharedFile arbitrary file open privilege escalation vulnerability.

tags | exploit, arbitrary
systems | windows
advisories | CVE-2019-0572
MD5 | bb2e921fb41ce1f0d91dd85e884db5f2
Microsoft Windows SSPI Network Authentication Session 0 Privilege Escalation
Posted Jan 15, 2019
Authored by James Forshaw, Google Security Research

Microsoft Windows suffers from an SSPI network authentication session 0 privilege escalation vulnerability.

tags | exploit
systems | windows
advisories | CVE-2019-0543
MD5 | 983731eb8f0ab4d5e06fd6f0de137c76
Wireshark get_t61_string Heap Out-Of-Bounds Read
Posted Jan 8, 2019
Authored by Google Security Research, mjurczyk

Wireshark suffers from a get_t61_string heap out-of-bounds read vulnerability.

tags | exploit
MD5 | 43cb4c02b902708d8069391d9e3e6872
Polkit Temporary Authentication Hijacking
Posted Jan 8, 2019
Authored by Jann Horn, Google Security Research

Polkit suffers from a temporary auth hijacking vulnerability via PID reuse and a non-atomic fork.

tags | exploit
MD5 | 57634c3dcea314066b8d2beba7cfe951
Microsoft Windows DSSVC CheckFilePermission Arbitrary File Deletion
Posted Jan 8, 2019
Authored by James Forshaw, Google Security Research

Microsoft Windows suffers from a privilege escalation vulnerability. The Data Sharing Service does not has a TOCTOU in PolicyChecker::CheckFilePermission resulting in an arbitrary file deletion.

tags | exploit, arbitrary
systems | windows
advisories | CVE-2018-8584
MD5 | bd93c9fa1baa36c07dad7069c043ffd7
WebKit JSC AbstractValue::set Use-After-Free
Posted Dec 27, 2018
Authored by Google Security Research, lokihardt

WebKit JSC suffers from a use-after-free vulnerability that can be used to bypass write barriers.

tags | exploit
advisories | CVE-2018-4443
MD5 | f6e693ef692196881715a01dcdc39b91
WebKit JSC JSArray::shiftCountWithArrayStorage Out-Of-Band Read / Write
Posted Dec 27, 2018
Authored by Google Security Research, lokihardt

WebKit JSC suffers from out-of-bounds read and write vulnerabilities in JSArray::shiftCountWithArrayStorage.

tags | exploit, vulnerability
advisories | CVE-2018-4441
MD5 | 75dbb70a739e6c66466398a40ffdab49
VBScript MSXML Policy Bypass
Posted Dec 19, 2018
Authored by Ivan Fratric, Google Security Research

Starting from Windows 10 Fall Creators Update, VBScript execution in IE 11 should be disabled for websites in the Internet Zone and the Restricted Sites Zone by default. However, the VBScript execution policy does not appear to cover VBScript code in MSXML xsl files which can still execute VBScript, even when loaded from the Internet Zone.

tags | exploit
systems | windows
advisories | CVE-2018-8619
MD5 | ce43b2ebae9f07a7d017a64ce3308636
VBScript VbsErase Reference Leak
Posted Dec 19, 2018
Authored by Ivan Fratric, Google Security Research

There is an reference leak in Microsoft VBScript that can be turned into an use-after-free given sufficient time. The vulnerability has been confirmed in Internet Explorer on various Windows versions with the latest patches applied.

tags | exploit
systems | windows
advisories | CVE-2018-8625
MD5 | 7a89325a4a9a9ce9b151cea5f6c4b348
Microsoft Windows jscript!JsArrayFunctionHeapSort Out-Of-Bounds Write
Posted Dec 18, 2018
Authored by Ivan Fratric, Google Security Research

There is an out-of-bounds write vulnerability in jscript.dll in the JsArrayFunctionHeapSort function. This vulnerability can be exploited through Internet Explorer or potentially through WPAD over local network.

tags | exploit, local
advisories | CVE-2018-8631
MD5 | 82afb637d0f91a3f4210fbcfc5b8c0ea
Razer Cortex Debugger Remote Command Execution
Posted Dec 17, 2018
Authored by Tavis Ormandy, Google Security Research

Razer Cortex has a CEF debugger stub enabled by default allowing arbitrary remote command execution.

tags | exploit, remote, arbitrary
MD5 | 1d2152a1c114ec3e8cfb933b419a219c
CUPS Weak Session Cookie Generation
Posted Dec 12, 2018
Authored by Jann Horn, Google Security Research

CUPS generates session cookies srandom(time(NULL)) and random() on Linux.

tags | advisory
systems | linux
advisories | CVE-2018-4700
MD5 | 583f7c6a7321642c12877e79a0682883
Linux userfaultfd tmpfs File Permission Bypass
Posted Dec 12, 2018
Authored by Jann Horn, Google Security Research

Linux userfaultfd bypasses tmpfs file permissions.

tags | exploit
systems | linux
advisories | CVE-2018-18397
MD5 | 61256d48b95082beb5d8e4ef759bcd4c
Logitech Options Craft WebSocket Server Missing Authentication
Posted Dec 12, 2018
Authored by Tavis Ormandy, Google Security Research

The Logitech "Options" craft websocket server has no authentication.

tags | advisory
MD5 | 351cebf77410e506f6772f6e57f6204e
WebKit JIT Proxy Object Issue
Posted Dec 12, 2018
Authored by Google Security Research, lokihardt

WebKit JIT int32/double arrays can have proxy objects in the prototype chains.

tags | exploit
advisories | CVE-2018-4438
MD5 | 06865c2504867e5e78ec061c65753733
McAfee True Key 5.1.173.1 Privilege Escalation
Posted Dec 11, 2018
Authored by James Forshaw, Google Security Research

McAfee True Key version 5.1.173.1 on Windows 10 1809 has multiple issues in the implementation of the McAfee.TrueKey.Service which can result in privilege escalation through executing arbitrary processes or deleting files and directories.

tags | exploit, arbitrary
systems | windows
advisories | CVE-2018-6755, CVE-2018-6756, CVE-2018-6757
MD5 | f1a320f91998eaef2cba50213365ef59
Google Chrome 70.0.3538.77 Cross Site Scripting / Man-In-The-Middle
Posted Dec 11, 2018
Authored by Jann Horn, Google Security Research

Google Chrome version 70.0.3538.77 stable suffers from cross site scripting and man-in-the-middle vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 983c9bbc501d7d7ca4d8d631173677e7
XNU POSIX Shared Memory Mapping Issue
Posted Dec 11, 2018
Authored by Jann Horn, Google Security Research

XNU POSIX has an issue where shared memory mapping have an incorrect maximum protection.

tags | exploit
advisories | CVE-2018-4435
MD5 | ac2760f95d5d33a22ed9bc8cebfab544
Wireshark cdma2k_message_ACTIVE_SET_RECORD_FIELDS Stack Corruption
Posted Dec 6, 2018
Authored by Google Security Research, mjurczyk

Wireshark suffers from a stack corruption vulnerability in cdma2k_message_ACTIVE_SET_RECORD_FIELDS.

tags | exploit
MD5 | 4f571857a06d3e3cbcb563eac1e1b3e6
Chrome V8 Math.expm1 Incorrect Type Information
Posted Dec 5, 2018
Authored by Google Security Research, sroett

Chrome V8 sets incorrect type information on Math.expm1.

tags | advisory
MD5 | 8d398e4f8f1b1a35eddcca69c66a88fc
Page 1 of 50
Back12345Next

File Archive:

January 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    15 Files
  • 2
    Jan 2nd
    15 Files
  • 3
    Jan 3rd
    11 Files
  • 4
    Jan 4th
    1 Files
  • 5
    Jan 5th
    2 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    24 Files
  • 8
    Jan 8th
    15 Files
  • 9
    Jan 9th
    16 Files
  • 10
    Jan 10th
    22 Files
  • 11
    Jan 11th
    17 Files
  • 12
    Jan 12th
    3 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    18 Files
  • 15
    Jan 15th
    30 Files
  • 16
    Jan 16th
    0 Files
  • 17
    Jan 17th
    0 Files
  • 18
    Jan 18th
    0 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close