what you don't know can hurt you
Showing 1 - 22 of 22 RSS Feed

Files from Glazvunov

Email addressglazunov at google.com
First Active2019-04-01
Last Active2019-11-08
Chrome Site Isolation Bypass / File Disclosure
Posted Nov 8, 2019
Authored by Google Security Research, Glazvunov

The Chrome Payment Handler API suffers from site isolation bypass and local file disclosure vulnerabilities.

tags | exploit, local, vulnerability
MD5 | a0e44b48eda93d22f89c1bb42d02f804
WebKit NodeRareData::m_connectedFrameCount Integer Overflow / UXSS / Type Confusion
Posted Nov 7, 2019
Authored by Google Security Research, Glazvunov

WebKit suffers from an integer overflow in NodeRareData::m_connectedFrameCount that can lead to universal cross site scripting and type confusion.

tags | exploit, overflow, xss
advisories | CVE-2019-8822
MD5 | ab1e8dd57e42d668deb196080d883ef1
WebKit JSObject::putInlineSlow / JSValue::putToPrimitive Universal XSS
Posted Nov 5, 2019
Authored by Google Security Research, Glazvunov

WebKit suffers from a universal cross site scripting vulnerability in JSObject::putInlineSlow and JSValue::putToPrimitive.

tags | exploit, xss
MD5 | 892e0418e043bd54adfbb3915904b063
WebKit HTMLFrameElementBase::isURLAllowed Universal Cross Site Scripting
Posted Oct 28, 2019
Authored by Google Security Research, Glazvunov

WebKit suffers from an HTMLFrameElementBase::isURLAllowed universal cross site scripting vulnerability.

tags | exploit, xss
MD5 | ef966e699de1dd172f00de299de7c0a2
WebKit FrameLoader::clear Same-Origin Policy Bypass
Posted Oct 8, 2019
Authored by Google Security Research, Glazvunov

WebKit suffers from a same-origin policy bypass vulnerability in FrameLoader::clear.

tags | exploit, bypass
MD5 | 68c6220522a24fcd9a591457a3c19b6f
WebKit Cached Pages Universal Cross Site Scripting
Posted Oct 1, 2019
Authored by Google Security Research, Glazvunov

WebKit suffers from a universal cross site scripting vulnerability using cached pages.

tags | exploit, xss
MD5 | feb75421e7efde640b47418cf364c390
WebKit WebCore::ReplacementFragment::ReplacementFragment User-Agent Shadow Root Leak
Posted Oct 1, 2019
Authored by Google Security Research, Glazvunov

WebKit suffers from a user-agent shadow root leak in WebCore::ReplacementFragment::ReplacementFragment.

tags | exploit, root
MD5 | 1e45ed827ba900226f8651daf3f4187f
WebKit WebCore::command Universal Cross Site Scripting
Posted Oct 1, 2019
Authored by Google Security Research, Glazvunov

WebKit suffers from a universal cross site scripting vulnerability in WebCore::command.

tags | exploit, xss
MD5 | 9f13592add861df962bac226dc591317
WebKit URI / Synchronous Page Loads Universal Cross Site Scripting
Posted Oct 1, 2019
Authored by Google Security Research, Glazvunov

WebKit has an issue where URI and synchronous page loads are susceptible to a universal cross site scripting vulnerability.

tags | exploit, xss
MD5 | 31dbae9bdb725280046f9290bd4c6460
WebKit Universal Cross Site Scripting
Posted Aug 12, 2019
Authored by Google Security Research, Glazvunov

WebKit suffers from a universal cross site scripting vulnerability via XSLT and nested document replacements.

tags | exploit, xss
advisories | CVE-2019-8690
MD5 | edfa91e3d768c7c1251900b4554b74ee
Chrome blink::PresentationAvailabilityState::UpdateAvailability Heap Use-After-Free
Posted Aug 6, 2019
Authored by Google Security Research, Glazvunov

Chrome suffers from a heap use-after-free condition in blink::PresentationAvailabilityState::UpdateAvailability.

tags | exploit
MD5 | 10b023c0de6d6dc1fd2061aec8927a97
WebKit Synchronous Page Load Universal Cross Site Scripting
Posted Jul 26, 2019
Authored by Google Security Research, Glazvunov

WebKit suffers from a universal cross site scripting vulnerability due to synchronous page loads.

tags | exploit, xss
advisories | CVE-2019-8649
MD5 | ce9b3ee68f9af8ecb25b696082074bd1
Microsoft Windows HTTP To SMB NTLM Reflection Privilege Escalation
Posted Jul 15, 2019
Authored by Google Security Research, Glazvunov

Microsoft Windows suffers from an HTTP to SMB NTLM reflection that leads to a privilege escalation.

tags | exploit, web
systems | windows
advisories | CVE-2019-1019
MD5 | 62e80bf3709f00ac9657fb8dd16d9822
Google Chrome JS Execution Use-After-Free
Posted Jun 28, 2019
Authored by Google Security Research, Glazvunov

JS execution inside ScriptForbiddenScope can lead to a use-after-free condition in Google Chrome.

tags | exploit
MD5 | a25a061dd8cd7a270718b44d30f1a415
Google Chrome AudioWorkletGlobalScope::Process Use-After-Free
Posted Jun 28, 2019
Authored by Google Security Research, Glazvunov

Google Chrome suffers from a use-after-free vulnerability in AudioWorkletGlobalScope::Process.

tags | exploit
MD5 | 6daac66865b19bb201b237612eda82f9
Google Chrome PDF Plugin Pepper Socket API Access
Posted Jun 28, 2019
Authored by Google Security Research, Glazvunov

There is a security issue where Google Chrome's PDF plugin is allowed to use the Pepper Socket API. Patches are included in this archive.

tags | advisory
MD5 | 5bb6e50f43bb8b2d9342c6205e2cc79e
Google Chrome WasmMemoryObject::Grow Use-After-Free
Posted Jun 4, 2019
Authored by Google Security Research, Glazvunov

Google Chrome suffers from a use-after-free vulnerability in WasmMemoryObject::Grow.

tags | exploit
MD5 | 1b54f37104a497f36e7e8fd202605c1b
Chrome NewFixedDoubleArray Integer Overflow
Posted Apr 24, 2019
Authored by Google Security Research, Glazvunov

Chrome suffers from an integer overflow vulnerability in NewFixedDoubleArray.

tags | exploit, overflow
MD5 | b26427448c9bb392f1787ea07e216e0a
Chrome ReadableStream Internal Object Leak
Posted Apr 2, 2019
Authored by Google Security Research, Glazvunov

Chrome suffers from an internal object leak vulnerability in ReadableStream.

tags | exploit
MD5 | 6a97d2f992936446497e3bbc759c1cfb
Chrome JSPromise::TriggerPromiseReactions Type Confusion
Posted Apr 2, 2019
Authored by Google Security Research, Glazvunov

Chrome suffers from a type confusion vulnerability in JSPromise::TriggerPromiseReactions.

tags | exploit
MD5 | 1da1ae35b490e46af58d5192967700dd
Chrome V8TrustedTypePolicyOptions::ToImpl Type Confusion
Posted Apr 1, 2019
Authored by Google Security Research, Glazvunov

Chrome suffers from a type confusion vulnerability in V8TrustedTypePolicyOptions::ToImpl.

tags | exploit
MD5 | 98c38647d36157a9c19284e8e46c2d46
WebKitGTK+ ThreadedCompositor Race Condition
Posted Apr 1, 2019
Authored by Google Security Research, Glazvunov

The compositor thread in WebKitGTK+ might alter a FilterOperation object's reference count variable at the same time as the main thread. Then the reference count corruption might lead to a use-after-free condition.

tags | exploit
MD5 | 7cf03baad452fd88cc65c2145f359558
Page 1 of 1
Back1Next

File Archive:

November 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    28 Files
  • 2
    Nov 2nd
    1 Files
  • 3
    Nov 3rd
    1 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    19 Files
  • 6
    Nov 6th
    65 Files
  • 7
    Nov 7th
    22 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    1 Files
  • 10
    Nov 10th
    1 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    65 Files
  • 13
    Nov 13th
    27 Files
  • 14
    Nov 14th
    22 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close