Twenty Year Anniversary
Showing 1 - 25 of 1,116 RSS Feed

Files from Google Security Research

First Active2000-02-18
Last Active2018-07-19
Chrome Swiftshader Blitting Floating-Point Precision Errors
Posted Jul 19, 2018
Authored by Google Security Research, Mark Brand

Chrome suffers from floating-point precision errors in Swiftshader blitting.

tags | exploit
MD5 | 7b98d22e3cda5e01a29a389816481305
Chrome SwiftShader OpenGL Texture Binding Reference Count Leak
Posted Jul 19, 2018
Authored by Google Security Research, Mark Brand

Chrome suffers from a reference count leak in SwiftShader OpenGL texture bindings.

tags | exploit
MD5 | 94c654dcb20a0856b832d97f6fed38a0
Chrome Swiftshader Texture Allocation Integer Overflow
Posted Jul 19, 2018
Authored by Google Security Research, Mark Brand

Chrome suffers from an integer overflow vulnerability in Swiftshader texture allocation.

tags | exploit, overflow
MD5 | b3eb960cb7d3278d871332f5993c7d6c
Linux/Ubuntu Coredump Reading Access Bypass
Posted Jul 13, 2018
Authored by Jann Horn, Google Security Research

Linux/Ubuntu suffers from a vulnerability where other users' coredumps can be read via a setgid directory and killpriv bypass.

tags | exploit
systems | linux, ubuntu
MD5 | 643a11ef1ca33c7ad1aef476e210c8b8
macOS / iOS OfficeImporter JavaScript Injection
Posted Jul 13, 2018
Authored by Google Security Research, lokihardt

macOS and iOS suffer from a javascript injection bug in OfficeImporter.

tags | exploit, javascript
systems | cisco, ios
MD5 | 8a77e3c5cc05866fe394bdbf6a928d1b
Microsoft Edge Chakra JIT SetConcatStrMultiItemBE Type Confusion
Posted Jul 12, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from a type confusion vulnerability with hoisted SetConcatStrMultiItemBE instructions.

tags | exploit
advisories | CVE-2018-8229
MD5 | 9b384b361e8b141c4703603f10a6db28
Microsoft Edge Chakra JIT BoundFunction::NewInstance Bug
Posted Jul 12, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from a bug. BoundFunction::NewInstance is used to handle calls to a bound function. The method first allocates a new argument array and copies the prepended arguments and others into the new argument array and calls the actual function. The problem is, it doesn't care about the CallFlags_NewTarget flag which indicates that there's an extra argument (new.target) at the end of the argument array. So the size of the new argument array created with the CallFlags_NewTarget flag will be always 1 less then required, this leads to an out-of-bounds read.

tags | exploit
advisories | CVE-2018-8139
MD5 | 2e11fd2e309888dfb033653d982fdc23
Microsoft Edge Chakra JIT Out-Of-Bounds Reads/Writes
Posted Jul 12, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from multiple out of bounds reads and writes.

tags | exploit
advisories | CVE-2018-8145
MD5 | b73c99e652b5ab40ccfdf43c9715573b
Chrome V8 KeyAccumulator Bug
Posted Jul 12, 2018
Authored by Google Security Research, lokihardt

Chrome V8 suffers from a bug in KeyAccumulator that can cause a crash.

tags | exploit
MD5 | 9fee601d9a1d2470bc41cfa501ef0dbc
Android media.metrics Service Race Condition
Posted Jun 28, 2018
Authored by Google Security Research, laginimaineb

Android suffers from multiple race condition vulnerabilities in the media.metrics service.

tags | exploit, vulnerability
MD5 | 06121632506dfafd6c92c75072b912b0
KVM Nest Virtualization L1 Guest Privilege Escalation
Posted Jun 25, 2018
Authored by Felix Wilhelm, Google Security Research

When KVM (on Intel) virtualizes another hypervisor as L1 VM it does not verify that VMX instructions from the L1 VM (which trigger a VM exit and are emulated by L0 KVM) are coming from ring 0.

tags | exploit
MD5 | 52237ddbf09d9e8e93706408732deecf
Microsoft Windows Desktop Bridge Virtual Registry Incomplete Fix
Posted Jun 20, 2018
Authored by James Forshaw, Google Security Research

The handling of the virtual registry for desktop bridge applications can allow an application to create arbitrary files as system resulting in privilege escalation. This is because the fix for CVE-2018-0880 (MSRC case 42755) did not cover all similar cases which were reported at the same time in the issue.

tags | exploit, arbitrary, registry
MD5 | 0c6e9aac6eb44da88353cc69fbad521f
Microsoft Windows Desktop Bridge Activation Arbitrary Directory Creation
Posted Jun 19, 2018
Authored by James Forshaw, Google Security Research

The activator for Desktop Bridge applications calls CreateAppContainerToken while running as a privileged account leading to creation of arbitrary object directories leading to privilege escalation.

tags | exploit, arbitrary
advisories | CVE-2018-8208
MD5 | 832f197845675cc7fc23e2136754692c
Microsoft Windows 10 1709 Child Process Restriction Mitigation Bypass
Posted Jun 13, 2018
Authored by James Forshaw, Google Security Research

Microsoft Windows 10 version 1709 suffers from a child process restriction mitigation bypass vulnerability.

tags | exploit, bypass
systems | windows
advisories | CVE-2018-0982
MD5 | 14320128fadf9ab6d9bdc495b2999b56
Google Chrome Integer Overflow When Processing WebAssembly Locals
Posted Jun 7, 2018
Authored by Google Security Research, natashenka

Google Chrome suffers from an integer overflow vulnerability when processing WebAssembly Locals.

tags | exploit, overflow, local
advisories | CVE-2018-6092
MD5 | aeb83fd88c3d4231411f5990050f821c
WebKit WebAssembly Compilation Information Leak
Posted Jun 7, 2018
Authored by Google Security Research, natashenka

WebKit suffers from an information leak vulnerability in WebAssembly Compilation.

tags | exploit
advisories | CVE-2018-4222
MD5 | 8a7060e2844a92fb8c612af806907919
Chrome V8 PromiseAllResolveElementClosure Element Confusion
Posted Jun 7, 2018
Authored by Google Security Research, lokihardt

Chrome V8 has an element confusion issue with PromiseAllResolveElementClosure.

tags | exploit
MD5 | e846e2172648f118d3f2ff6689c37c64
WebKit Generator Use-After-Free
Posted Jun 7, 2018
Authored by Google Security Research, natashenka

WebKit suffers from a use-after-free vulnerability when resuming generator.

tags | exploit
advisories | CVE-2018-4218
MD5 | bbd278c835aea19f068ff64534828d6b
WebRTC VP9 Missing Frame Processing Out-Of-Bounds Memory Access
Posted Jun 7, 2018
Authored by Google Security Research, natashenka

WebRTC VP9 missing frame processing suffers from an out-of-bounds memory access vulnerability.

tags | exploit
advisories | CVE-2018-6129
MD5 | 00cc61e87f0625b4254896a0155f9fc3
WebRTC VP9 Frame Processing Out-Of-Bounds Memory Access
Posted Jun 7, 2018
Authored by Google Security Research, natashenka

WebRTC VP9 frame processing a suffers from an out-of-bounds memory access vulnerability.

tags | exploit
advisories | CVE-2018-6130
MD5 | 706e2d1ce513062e5e894376a2bfe8e7
macOS / iOS Kernel Heap Overflow
Posted Jun 5, 2018
Authored by Google Security Research, ianbeer

The macOS and iOS kernels suffer from a heap overflow due to a lack of lower size check in getvolattrlist.

tags | exploit, overflow, kernel
systems | cisco, ios
advisories | CVE-2018-4243
MD5 | 8bc2ddee4be107c0fed7f5978e377f2c
XNU Kernel MPTCP Head Overflow
Posted Jun 5, 2018
Authored by Google Security Research, ianbeer

The XNU kernel suffers from a heap overflow vulnerability due to bad bounds checking in MPTCP.

tags | exploit, overflow, kernel
advisories | CVE-2018-4241
MD5 | 449d61519abf2905830578f282b2544c
macOS Kernel Use-After-Free
Posted Jun 5, 2018
Authored by Google Security Research, ianbeer

The macOS kernel suffers from a use-after-free vulnerability due to a lack of locking in the nvidia GeForce driver.

tags | exploit, kernel
advisories | CVE-2018-4230
MD5 | 9df96b20c281d23bcd8105e681608b33
Linux Kernel ext4_read_inline_data() Memory Corruption
Posted Jun 5, 2018
Authored by Google Security Research

Linux Kernel versions prior to 4.16.11 suffer from an ext4_read_inline_data() memory corruption vulnerability.

tags | exploit, kernel
systems | linux
advisories | CVE-2018-11412
MD5 | ef90cc76075cfbbd5c9ca92c6da53beb
Microsoft Edge Chakra EntrySimpleObjectSlotGetter Type Confusion
Posted May 31, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra suffers from an issue where EntrySimpleObjectSlotGetter can have side effects that cause a type confusion vulnerability.

tags | exploit
advisories | CVE-2018-8133
MD5 | ae691da69a6f584e9d6f3d6f325cc89e
Page 1 of 45
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

July 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    1 Files
  • 2
    Jul 2nd
    26 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    13 Files
  • 6
    Jul 6th
    4 Files
  • 7
    Jul 7th
    4 Files
  • 8
    Jul 8th
    1 Files
  • 9
    Jul 9th
    16 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    32 Files
  • 12
    Jul 12th
    22 Files
  • 13
    Jul 13th
    15 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    1 Files
  • 16
    Jul 16th
    21 Files
  • 17
    Jul 17th
    15 Files
  • 18
    Jul 18th
    15 Files
  • 19
    Jul 19th
    17 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close