exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 59 RSS Feed

Files from laginimaineb

First Active2016-05-02
Last Active2018-06-28
Android media.metrics Service Race Condition
Posted Jun 28, 2018
Authored by Google Security Research, laginimaineb

Android suffers from multiple race condition vulnerabilities in the media.metrics service.

tags | exploit, vulnerability
SHA-256 | a656fd451726abc4db30105b2ca67987815f338e9dadcd85a7b86bfb41ec66b0
Chromium memory_instrumentation::mojom::Coordinator Information Disclosure
Posted Mar 12, 2018
Authored by Google Security Research, laginimaineb

Chromium suffers from an information disclosure vulnerability via the memory_instrumentation::mojom::Coordinator interface in the resource_coordinator service.

tags | exploit, info disclosure
advisories | CVE-2018-6080
SHA-256 | 8f1e7d94c7bacd867eadee5a2e0446540a438c33731c077276a64140fe9ca89c
Chromium mojo::WrapSharedMemoryHandle Insufficient Call
Posted Mar 12, 2018
Authored by Google Security Research, laginimaineb

Chromium suffers from an issue where calling mojo::WrapSharedMemoryHandle is insufficient to produce read-only descriptors for IPC.

tags | exploit
advisories | CVE-2018-6063
SHA-256 | 0c46a91f3c32f52b62bfb60bb13c87615b045cdf420a8d8482253ec38f461b90
Chromium Android Writable SharedMemory Descriptors
Posted Mar 12, 2018
Authored by Google Security Research, laginimaineb

Chromium suffers from an issues where read-only SharedMemory descriptors on Android are writable.

tags | exploit
advisories | CVE-2018-6057
SHA-256 | c639c315e5c2cd33cc9d9132a1943aa075dc30df5205d89729d91cdac3c913eb
Chromium Incorrect Size Calculation Out-Of-Bounds Access
Posted Mar 4, 2018
Authored by Google Security Research, laginimaineb

A Chromium incorrect size calculation when deserializing Mojo "Event" messages can lead to out-of-bounds access.

tags | exploit
SHA-256 | 4541b3a1207de2977b0a35916b1c9723661e8db7a73258d0661f4326880c004c
Android KeyStore Permission Bypass
Posted Feb 6, 2018
Authored by Google Security Research, laginimaineb

The keystore binder service ("android.security.IKeystoreService") allows users to issue several commands related to key management, including adding, removing, exporting and generating cryptographic keys. The service is accessible to many SELinux contexts, including application contexts, but also unprivileged daemons such as "media.codec". A permission bypass vulnerability exists in the KeyStore service due to getpidcon.

tags | exploit, bypass
advisories | CVE-2017-13236
SHA-256 | 6ed0443148f7bc7399d221b938f4d9d513e62f7eb29fc37ea0cebb2f098bfa44
Chromium filesystem::mojom::Directory Sandbox Escape
Posted Jan 31, 2018
Authored by Google Security Research, laginimaineb

Chromium suffers from a sandbox escape vulnerability via an exposed filesystem::mojom::Directory mojo interface in the catalog service.

tags | exploit
advisories | CVE-2018-6055
SHA-256 | cc97041329fb5fde5d5be5b7ba4a75fde06179aa88f36bf5eb0548c2978bc596
Android Hardware Service Manager Arbitrary Service Replacement
Posted Jan 11, 2018
Authored by Google Security Research, laginimaineb

Android hardware service manager suffers from an arbitrary service replacement issue due to getpidcon.

tags | exploit, arbitrary
advisories | CVE-2017-13209
SHA-256 | f3c654241f72f6831aeb0f59add58d0444e58c9b772cb063afceb130c32cf237
Android ashmem Race Condition
Posted Jan 10, 2018
Authored by Google Security Research, laginimaineb

The Android MemoryIntArray class allows processes to share an in-memory array of integers backed by an "ashmem" file descriptor. As the class implements the Parcelable interface, it can be inserted into a Parcel, and optionally placed in a Bundle and transferred via binder to remote processes.

tags | exploit, remote
advisories | CVE-2017-13216
SHA-256 | 029f917e2e536de18d04761028191f4815fb7c9f5d6d53318a48a27ff5c347bb
Broadcom ICMPv6 Information Leak
Posted Oct 2, 2017
Authored by Google Security Research, laginimaineb

Broadcom suffers from an information leak vulnerability in ICMPv6 router advertisement offloading.

tags | advisory
advisories | CVE-2017-11122
SHA-256 | 9c5be915161b05ece6582250e12e4414f152875c9a690b3c5e891a030e63fcb5
Broadcom TCP KeepAlive Offloading DoS / Out-Of-Bounds Read
Posted Sep 27, 2017
Authored by Google Security Research, laginimaineb

Broadcom suffers from denial of service and out-of-bounds read vulnerabilities in TCP KeepAlive Offloading.

tags | advisory, denial of service, tcp, vulnerability
advisories | CVE-2017-7066
SHA-256 | 0fd01faa7f991415a9981c3f63751b39f36aaeb1dec6b946eaed0cb7adfa715f
Broadcom 802.11r (FT) Reassociation Response Overflows
Posted Sep 26, 2017
Authored by Google Security Research, laginimaineb

Broadcom suffers from multiple overflow vulnerabilities when handling 802.11r (FT) Reassociation Response.

tags | advisory, overflow, vulnerability
advisories | CVE-2017-11121
SHA-256 | 4e4363e0afff7c0a8c3e6b53d804a1172c36d104c17e2a3b7c6eebe8edf51451
Broadcom 802.11k Neighbor Report Response Out-Of-Bounds Write
Posted Sep 26, 2017
Authored by Google Security Research, laginimaineb

Broadcom suffers from an out-of-bounds write when handling 802.11k Neighbor Report Response.

tags | exploit
advisories | CVE-2017-11120
SHA-256 | 82fc971e12c2491131ffec544a1ec8c4c1c02697141d693f357d4951ceab15ce
Broadcom 802.11v WNM Sleep Mode Response Heap Overflow
Posted Sep 26, 2017
Authored by Google Security Research, laginimaineb

Broadcom suffers from a heap overflow vulnerability when handling 802.11v WNM Sleep Mode Response.

tags | advisory, overflow
advisories | CVE-2017-7065
SHA-256 | bfafe6c08335222f164c3154a1ec33d8b038b473faa28bc94fc7946a6d0e9bba
Apple WLC_E_COUNTRY_CODE_CHANGED Information Leak
Posted Sep 22, 2017
Authored by Google Security Research, laginimaineb

Apple products suffers from an information leak when handling WLC_E_COUNTRY_CODE_CHANGED event packets.

tags | advisory
systems | apple
advisories | CVE-2017-7116
SHA-256 | d9fd260e76fa5bb413e17f4cda2ada7d5e896a778a13ebaf5b7d8bf3679a09e6
Apple PCIe Message Ring Protocol Race Conditions
Posted Sep 22, 2017
Authored by Google Security Research, laginimaineb

The Apple PCIe Message Ring protocol suffers from multiple race conditions that can lead to out-of-bounds read and writes.

tags | advisory, protocol
systems | apple
advisories | CVE-2017-7115
SHA-256 | 9d829639573f82bd62beacc1312bfa32eb067d298b7f05c51fa7d65065d918c1
Apple setVendorIE Heap Overflow / Information Disclosure
Posted Sep 22, 2017
Authored by Google Security Research, laginimaineb

Heap overflow and information disclosure vulnerabilities exist in Apple's setVendorIE when handling ioctl results.

tags | advisory, overflow, vulnerability, info disclosure
systems | apple
advisories | CVE-2017-7110
SHA-256 | c549b5fce03407f8bce467f2a8413f2729a2df5e52d5696e76a216319fcaedd3
Apple Out-Of-Bounds NUL Byte Write
Posted Sep 22, 2017
Authored by Google Security Research, laginimaineb

Apple products suffer from an issue where an out-of-band NUL byte write occurs when handling WLC_E_TRACE event packets.

tags | advisory
systems | apple
advisories | CVE-2017-7112
SHA-256 | 47ee5c128bfcfb4a1dc15e92a364f7ed639bb5fa9a32e0849814541a789a8c46
Apple updateRateSetAsyncCallback Heap Overflow
Posted Sep 22, 2017
Authored by Google Security Research, laginimaineb

A heap overflow vulnerability exists in Apple's updateRateSetAsyncCallback when handling ioctl results.

tags | advisory, overflow
systems | apple
advisories | CVE-2017-7108
SHA-256 | 5baf4461e02f823d473ce5e80cdf29107fb3e4d0bc77201b0a37d01d752ae1ba
Apple assembleBGScanResults Heap Overflow
Posted Sep 22, 2017
Authored by Google Security Research, laginimaineb

There is a heap overflow vulnerability in Apple's assembleBGScanResults when handling ioctl results.

tags | advisory, overflow
systems | apple
advisories | CVE-2017-7105
SHA-256 | e497d754530da645d0dfa81b8d9378547e7195bb0e4f5b900f516e4799502c81
Apple AppleBCMWLANCore Driver Heap Overflow
Posted Sep 21, 2017
Authored by Google Security Research, laginimaineb

There is a heap overflow in Apple's AppleBCMWLANCore driver when handling Completed Firmware Timestamp messages (0x27).

tags | advisory, overflow
systems | apple
advisories | CVE-2017-7103
SHA-256 | 859f5e2dd3a8465d5b3ba18254bb4a28a1247d2b72149d337adb0d58d1245663
Samsung Trustonic Trustlet Revocation
Posted Jul 21, 2017
Authored by Google Security Research, laginimaineb

Trustonic's Trusted Execution Environment (TEE) OS fails to perform revocation of trustlets.

tags | exploit
SHA-256 | 5292643705b2a592ce4d79010191e3052ef98b5f67f2a9fe9356b30677b6295e
Android Device QSEE Trustlet Revocation
Posted Jun 6, 2017
Authored by Google Security Research, laginimaineb

Multiple Android devices do not revoke known-bad QSEE trustlets.

tags | exploit
SHA-256 | 17ae488394ddefdc0e0c926eda5fcf2f19e66c833209048a10977e69275c94e5
Broadcom wldev_ioctl Information Leak
Posted May 23, 2017
Authored by Google Security Research, laginimaineb

Broadcom suffers from a host to dongle information leak via wldev_ioctl.

tags | advisory
advisories | CVE-2017-0633
SHA-256 | 041b12daf028a74772de5874f4f3807b189eefcc5651de1a44fae1f291723a91
Broadcom bcmdhd Memory Corruption
Posted Apr 9, 2017
Authored by Google Security Research, laginimaineb

Broadcom suffers from multiple memory corruption vulnerabilities in bcmdhd when handling WLFC information.

tags | advisory, vulnerability
advisories | CVE-2017-0571
SHA-256 | f5a58cf7ae8276a39860c6aea58e0dbe45912d3449e817de2e068153129564d2
Page 1 of 3
Back123Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close