Showing 101 - 125 of 1,105

Files from Google Security Research

First Active: 2000-02-18
Last Active: 2018-06-20

Microsoft Edge UnmapViewOfFile ACG Bypass
Posted Feb 15, 2018
Authored by Ivan Fratric, Google Security Research

Microsoft Edge suffers from an ACG bypass using UnmapViewOfFile.

tags | exploit
MD5 | 00e8f8ad6ea4b8b6fa4ff8c9f691a03a
Microsoft Edge Chakra JIT Incomplete Fix
Posted Feb 15, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from a bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2018-0770
MD5 | a1bcc09777f48b460ea48c8fe2b4e014
Microsoft Edge Chakra JIT Array.prototype.reverse Array Type Confusion
Posted Feb 15, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from an array type confusion via Array.prototype.reverse.

tags | exploit
advisories | CVE-2018-0835
MD5 | ec83af991398b5a16f596517c5cffe53
Pdfium Shading Pattern Out-Of-Bounds Read
Posted Feb 15, 2018
Authored by Google Security Research, Mark Brand

Pdfium suffers from an out-of-bounds read vulnerability with shading pattern backed by pattern colorspace.

tags | exploit
MD5 | e26113bd8551c52b88a243b79666f8aa
Microsoft Edge Chakra JIT InitProto Array Type Confusion
Posted Feb 15, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from an array type confusion via InitProto instructions.

tags | advisory
advisories | CVE-2018-0834
MD5 | 7de1dee9e15dcb8d4a1750bf8753cab0
Microsoft Edge Chakra JIT Escape Analysis Bug
Posted Feb 15, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT escape analysis bug #2.

tags | exploit
advisories | CVE-2018-0860
MD5 | 95ea3c7500bedcd3b29eea81e6d8b9de
Microsoft Edge Chakra JIT ImplicitCallFlags Checks Bypass
Posted Feb 15, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from an ImplicitCallFlags checks bypass vulnerability.

tags | advisory, bypass
advisories | CVE-2018-0840
MD5 | 7c60809db202d943e78cfc2a70359dc0
Pdfium Pattern Shading Integer Overflow
Posted Feb 15, 2018
Authored by Google Security Research, Mark Brand

Pdfium suffers from integer overflow vulnerabilities in pattern shading.

tags | exploit, overflow, vulnerability
MD5 | 8249e633f7fb1bb2b541a3a9f968bfb2
Microsoft Edge Chakra JIT LdThis Type Confusion
Posted Feb 15, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from an LdThis type confusion vulnerability.

tags | exploit
advisories | CVE-2018-0837
MD5 | 24f96c408071fcd626fc4ff4726c8d8d
Chrome V8 Runtime_RegExpReplace Integer Overflow
Posted Feb 15, 2018
Authored by Google Security Research, lokihardt

Chrome V8 suffers from a Runtime_RegExpReplace integer overflow vulnerability.

tags | exploit, overflow
MD5 | 6eecead5f17d54fb399a387633a037f1
Pdfium Colorspaces Out-Of-Bounds Read
Posted Feb 15, 2018
Authored by Google Security Research, Mark Brand

Pdfium suffers from an out-of-bounds read vulnerability with nested colorspaces.

tags | advisory
MD5 | 431c828e56dcc082e1091c534174b86f
macOS AppleEmbeddedOSSupportHostClient::registerNotificationPort Use-After-Free
Posted Feb 8, 2018
Authored by Google Security Research, ianbeer

The macOS kernel suffers from a use-after-free issue due to a lack of locking in AppleEmbeddedOSSupportHostClient::registerNotificationPort.

tags | exploit, kernel
advisories | CVE-2018-4083
MD5 | ea0f5075fd72108cc6b63fbdbbf36665
Android KeyStore Permission Bypass
Posted Feb 6, 2018
Authored by Google Security Research, laginimaineb

The keystore binder service ("android.security.IKeystoreService") allows users to issue several commands related to key management, including adding, removing, exporting and generating cryptographic keys. The service is accessible to many SELinux contexts, including application contexts, but also unprivileged daemons such as "media.codec". A permission bypass vulnerability exists in the KeyStore service due to getpidcon.

tags | exploit, bypass
advisories | CVE-2017-13236
MD5 | 6217b7e5a6f72a1a4284d0fb186f9daf
Grammarly Auth Token Exposure
Posted Feb 6, 2018
Authored by Tavis Ormandy, Google Security Research

The Grammarly Chrome extension (approximately 20M users) exposes its auth tokens to all websites; therefore any website can log in to grammarly.com as you and access all your documents, history, logs, and all other data.

tags | advisory
MD5 | f106da528a9f256ae05df2217aee22c3
WebKit detachWrapper Use-After-Free
Posted Feb 3, 2018
Authored by Ivan Fratric, Google Security Research

WebKit suffers from a use-after-free vulnerability in detachWrapper.

tags | exploit
advisories | CVE-2018-4089
MD5 | ab40e72385ce2ecec8785d781b2d76e7
WebKit WebCore::FrameView::clientToLayoutViewportPoint Use-After-Free
Posted Feb 3, 2018
Authored by Ivan Fratric, Google Security Research

WebKit suffers from a use-after-free vulnerability in WebCore::FrameView::clientToLayoutViewportPoint.

tags | exploit
MD5 | 16c7265e2776a0e63832f568c8f7359d
Chromium filesystem::mojom::Directory Sandbox Escape
Posted Jan 31, 2018
Authored by Google Security Research, laginimaineb

Chromium suffers from a sandbox escape vulnerability via an exposed filesystem::mojom::Directory mojo interface in the catalog service.

tags | exploit
advisories | CVE-2018-6055
MD5 | 29596ace8468f827cee80ea00a7fe425
MacOS sysctl_vfs_generic_conf Stack Leak
Posted Jan 27, 2018
Authored by Jann Horn, Google Security Research

MacOS suffers from a sysctl_vfs_generic_conf stack leak through struct padding.

tags | advisory
advisories | CVE-2018-4090
MD5 | 376a5cb1ecad7a5a4de3c6b7b7067429
MacOS sysctl_default_netsvctype_to_dscp_map / sysctl_dscp_to_wifi_ac_map Stack Leak
Posted Jan 27, 2018
Authored by Jann Horn, Google Security Research

MacOS suffers from a sysctl_default_netsvctype_to_dscp_map and sysctl_dscp_to_wifi_ac_map stack leak through struct padding.

tags | advisory
advisories | CVE-2018-4093
MD5 | ae34699e2753df4dc0f4fbe8b25d4bd5
Blizzard Agent RPC Auth DNS Rebinding
Posted Jan 23, 2018
Authored by Tavis Ormandy, Google Security Research

Blizzard's agent RPC authentication mechanism is vulnerable to DNS rebinding attacks.

tags | exploit
MD5 | b6789d74b5b3b1095d488a9c4d2dcf9d
macOS 10.13 Kernel Memory Disclosure
Posted Jan 18, 2018
Authored by Google Security Research, ianbeer

macOS version 10.13 suffers from a kernel memory disclosure due to lack of bounds checking in AppleIntelCapriController::getDisplayPipeCapability.

tags | exploit, kernel
advisories | CVE-2017-13878
MD5 | 64dd02ddcdb2646e983a2c6616d02c4a
Microsoft Edge Chakra JIT ImplicitCallFlags Update Bugs
Posted Jan 18, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from multiple ImplicitCallFlags update bugs with RegExp.

tags | advisory
MD5 | c41a09cf405ff06d682f70d6a6758e71
Microsoft Edge Chakra AsmJSByteCodeGenerator::EmitCall Call Handling
Posted Jan 18, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra suffers from an AsmJSByteCodeGenerator::EmitCall call handling bug.

tags | exploit
advisories | CVE-2018-0780
MD5 | 1c7860ec256452b1d95a1e70975c4a35
Microsoft Edge Chakra JIT Loop Analysis Bug
Posted Jan 18, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from a loop analysis bug that can perform an out-of-bounds write.

tags | exploit
advisories | CVE-2018-0777
MD5 | ff08702b950d0869cae0d738a90cb6ac
Microsoft Edge Chakra JIT Stack-To-Heap Copy Bug
Posted Jan 18, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from a stack-to-heap copy bug.

tags | exploit
advisories | CVE-2018-0776
MD5 | 380e5767238c8dcf3ac7de7f26e6998c
© 2018 Packet Storm. All rights reserved.
