exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 148 RSS Feed

Files from lokihardt

First Active2017-02-24
Last Active2019-08-29
Microsoft Edge Chakra JIT ImplicitCallFlags Check Bypass
Posted Aug 17, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from an ImplicitCallFlags check bypass vulnerability with Intl.

tags | exploit, bypass
advisories | CVE-2018-8288
SHA-256 | fa2ba833d2e86afeca1956fc5c100501e728bc7ca7779f47078461ffbd346bab
macOS / iOS OfficeImporter JavaScript Injection
Posted Jul 13, 2018
Authored by Google Security Research, lokihardt

macOS and iOS suffer from a javascript injection bug in OfficeImporter.

tags | exploit, javascript
systems | cisco, ios
SHA-256 | e8a235449f752566cb48a2a1f6f65e02d52cbd77feb6354393a30e556c4552e2
Microsoft Edge Chakra JIT SetConcatStrMultiItemBE Type Confusion
Posted Jul 12, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from a type confusion vulnerability with hoisted SetConcatStrMultiItemBE instructions.

tags | exploit
advisories | CVE-2018-8229
SHA-256 | f4b986bf36dfb05720fc2029354aa57451279bbc79487e82145d40d7bd8a2aef
Microsoft Edge Chakra JIT BoundFunction::NewInstance Bug
Posted Jul 12, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from a bug. BoundFunction::NewInstance is used to handle calls to a bound function. The method first allocates a new argument array and copies the prepended arguments and others into the new argument array and calls the actual function. The problem is, it doesn't care about the CallFlags_NewTarget flag which indicates that there's an extra argument (new.target) at the end of the argument array. So the size of the new argument array created with the CallFlags_NewTarget flag will be always 1 less then required, this leads to an out-of-bounds read.

tags | exploit
advisories | CVE-2018-8139
SHA-256 | aa1bde86d10b95d8ca0ccfc5d06fd9edd0e20688c8eadfbfc61a463d88cdead5
Microsoft Edge Chakra JIT Out-Of-Bounds Reads/Writes
Posted Jul 12, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from multiple out of bounds reads and writes.

tags | exploit
advisories | CVE-2018-8145
SHA-256 | 14c73972e0db8500904cd6efa9a56ea40e8f8fbd7ed64d7345ffa202523fbfe4
Chrome V8 KeyAccumulator Bug
Posted Jul 12, 2018
Authored by Google Security Research, lokihardt

Chrome V8 suffers from a bug in KeyAccumulator that can cause a crash.

tags | exploit
SHA-256 | 9e8f060d028a3d93afffe9ee1b45849ed961e276d79b29bac398a156e4412c41
Chrome V8 PromiseAllResolveElementClosure Element Confusion
Posted Jun 7, 2018
Authored by Google Security Research, lokihardt

Chrome V8 has an element confusion issue with PromiseAllResolveElementClosure.

tags | exploit
SHA-256 | 414db37f793a7bfd21520d94faca5a6d43a070984dfd1b0f62a9b7631e014e17
Microsoft Edge Chakra EntrySimpleObjectSlotGetter Type Confusion
Posted May 31, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra suffers from an issue where EntrySimpleObjectSlotGetter can have side effects that cause a type confusion vulnerability.

tags | exploit
advisories | CVE-2018-8133
SHA-256 | dac02c231e7c37da88c204ab8918570d1df7d88c3ea07b2805f9d5afd9081f44
Microsoft Edge Chakra Cross Context Bug Use-After-Free
Posted May 24, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra suffers from a cross context use-after-free vulnerability.

tags | exploit
advisories | CVE-2018-0946
SHA-256 | 3b419c01f8a186a0bd97c1be1da5f223ed4332c77c38f000eedcab19808e3482
Microsoft Edge Chakra JIT Magic Value Type Confusion
Posted May 24, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from an issue where a magic value can cause a type confusion vulnerability.

tags | advisory
advisories | CVE-2018-0953
SHA-256 | b607bd66ac346df35ba88f1fbce5078e0b85fdb7c50c28f6628624a5252e48aa
Microsoft Edge Chakra JIT Bounce Check Elimination Bug
Posted May 18, 2018
Authored by Google Security Research, lokihardt

Chakra uses the InvariantBlockBackwardIterator class to backpropagate the information about the hoisted bound checks. But the class follows the linked list instead of the control flow. This may lead to incorrectly remove the bound checks.

tags | exploit
advisories | CVE-2018-0980
SHA-256 | fb86d007c56bfd6ada33e174da508e6d677ad9d0597953bd1d8e6d7694634532
Chrome V8 ObjectDescriptor Class Bug
Posted May 4, 2018
Authored by Google Security Research, lokihardt

Chrome V8 has a bug in the ObjectDescriptor class.

tags | advisory
SHA-256 | f26fccf07a6c7df134154a2d49e51e4045066a599ff0fc55583820893c867c31
Google Chrome V8 AwaitedPromise Update Bug
Posted Apr 26, 2018
Authored by Google Security Research, lokihardt

Google Chrome V8 Await methods call ResolveNativePromise which calls InternalResolvePromise which can invoke a user JavaScript code through a "then" getter. If the AwaitedPromise is replaced by the user script, the AwaitedPromise will be immediately overwritten after the call to Await, this may lead the generator to an incorrect state.

tags | exploit, javascript
advisories | CVE-2018-6106
SHA-256 | 78b2c24ff6a8f61df29a3ac781ec2f32f86061d57afb7512f75393705b8644f1
Google Chrome V8 Arrow Function Scope Fixing Bug
Posted Apr 26, 2018
Authored by Google Security Research, lokihardt

Google Chrome V8 suffers from an arrow function scope fixing bug.

tags | exploit
SHA-256 | 24f3824206b56675fc861c6cdc7ec310f3cd9a072873f501aa8fd3d6295dfdca
Chrome V8 JIT NodeProperties::InferReceiverMaps Type Confusion
Posted Apr 21, 2018
Authored by Google Security Research, lokihardt

Chrome V8 JIT suffers from a NodeProperties::InferReceiverMaps type confusion vulnerability.

tags | exploit
SHA-256 | 8f66586231cd91aa2a08984a14f3311417775c1a4895253e34a83ed442b29952
Chrome V8 JIT LoadElimination::ReduceTransitionElementsKind Bug
Posted Apr 11, 2018
Authored by Google Security Research, lokihardt

Chrome V8 JIT has a bug in LoadElimination::ReduceTransitionElementsKind.

tags | exploit
SHA-256 | 52130a23075fc5e0b4b4579f903a76984d5f42031dd384419293b72dcd72fee7
Microsoft Edge Charka JIT Incomplete Fix For Issue 1420 #2
Posted Apr 3, 2018
Authored by Google Security Research, lokihardt

A security fix applied for Microsoft Edge Chakra JIT is incomplete.

tags | exploit
advisories | CVE-2018-0934
SHA-256 | 7fa9ae7d44d240e41a8c31b515d60a4f1624eb25e026c49221e4151fba5ea6c4
Microsoft Edge Charka JIT Incomplete Fix For Issue 1420
Posted Apr 3, 2018
Authored by Google Security Research, lokihardt

A security fix applied for Microsoft Edge Chakra JIT is incomplete.

tags | exploit
advisories | CVE-2018-0933
SHA-256 | 3218d20b4b0f7b38f5401ba0b1f959df90c67629ecd1eb26504d9375a5243f97
Chrome V8 Genesis::InitializeGlobal Bugs
Posted Apr 3, 2018
Authored by Google Security Research, lokihardt

Chrome V8 has multiple bugs in Genesis::InitializeGlobal.

tags | exploit
SHA-256 | a4ae91099b943cc5ac37c117d80d600d10db590d6f64307f0ed1895f3364aaa1
Chrome V8 ElementsAccessorBase::CollectValuesOrEntriesImpl Type Confusion
Posted Apr 3, 2018
Authored by Google Security Research, lokihardt

Chrome V8 suffers from a type confusion vulnerability in ElementsAccessorBase::CollectValuesOrEntriesImpl.

tags | exploit
advisories | CVE-2018-6064
SHA-256 | ac6fee41baa624a52e82aa1b36ff3b3ed8a2add6a9505c1256898fb3cc24c9bb
Chrome V8 JIT GetSpecializationContext Type Confusion
Posted Mar 5, 2018
Authored by Google Security Research, lokihardt

Chrome V8 JIT suffers from a type confusion vulnerability in GetSpecializationContext.

tags | exploit
SHA-256 | 99a6e3514cf19cca4fe6002bb305173115f88838cdba2875ffa1a4de4f173f43
Chrome V8 JIT JSBuiltinReducer::ReduceObjectCreate NULL Check Fail
Posted Mar 5, 2018
Authored by Google Security Research, hyp3rlinx, lokihardt

Chrome V8 JIT JSBuiltinReducer::ReduceObjectCreate fails to ensure that the prototype is "null".

tags | exploit
SHA-256 | 1dab39822e88deb84dbd34344ce1eae38572e48ff784b7a073deec1bb63b7b1d
Chrome V8 Out-Of-Bounds Read
Posted Mar 5, 2018
Authored by Google Security Research, lokihardt

Chrome V8 has an empty BytecodeJumpTable that may lead to an out-of-bounds read.

tags | exploit
SHA-256 | 7acf9bc038faf16f44253fb9a2fe21825a81572b59e8ab231e65443fdd0db941
Chrome V8 JIT Optmization Bug
Posted Mar 5, 2018
Authored by Google Security Research, lokihardt

Chrome V8 JIT suffers from a simplified-lowererer IrOpcode::kStoreField, IrOpcode::kStoreElement optimization bug.

tags | exploit
SHA-256 | ea79bf295a09f5f37553a269c502167a1bf4e5dddb597b29e6fa88cd9179c5f8
Chrome V8 PropertyArray Integer Overflow
Posted Feb 26, 2018
Authored by Google Security Research, lokihardt

Chrome V8 suffers from an integer overflow vulnerability with PropertyArray.

tags | exploit, overflow
SHA-256 | 78544b73868b4a617f838b6eedac6007779756c897dfb03b1166522de63fa42c
Page 2 of 6
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close