what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 98 RSS Feed

Files

Microsoft Edge Chakra NULL Pointer Dereference
Posted Aug 20, 2017
Authored by He Xiaoxiao, Huang Anwen

Microsoft Edge Chakra suffers from a null pointer dereference vulnerability.

tags | exploit
advisories | CVE-2017-8636
SHA-256 | ea551ed38595cabf2922d70955d0c971af950a1d0c9e3958f4f1d1902aea36ad

Related Files

Microsoft Edge Flash click2play Bypass
Posted Mar 19, 2019
Authored by Ivan Fratric, Google Security Research

Microsoft Edge suffers from a Flash click2play bypass with CObjectElement::FinalCreateObject.

tags | exploit
advisories | CVE-2019-0612
SHA-256 | fdda336815ac63fe08759882eed8c25471acba4310abb045c2527612f4538060
Microsoft Edge Chakra 1.11.4 Type Confusion
Posted Mar 4, 2019
Authored by Fahad Aid Alharbi

Microsoft Edge Chakra version 1.11.4 read permission via type confusion proof of concept exploit.

tags | exploit, proof of concept
advisories | CVE-2019-0539
SHA-256 | 02a1f7246d6620617cee5dc2e6410aa80ea33cb275e22c442aacfbefb52a15df
Microsoft Edge Insecure click2play Whitelist
Posted Feb 19, 2019
Authored by Ivan Fratric, Google Security Research

Microsoft Edge has an issue where the default flash click2play whitelist is insecure.

tags | advisory
advisories | CVE-2019-0641
SHA-256 | b67a708bf7118de58f25eedb37a2a8891d000105b033f1e3397bcf8d54354a2a
Microsoft Edge Chakra InlineArrayPush Type Confusion
Posted Jan 17, 2019
Authored by Google Security Research, lokihardt

Microsoft Edge suffers from a Chakra related type confusion vulnerability in InlineArrayPush.

tags | exploit
advisories | CVE-2018-8617
SHA-256 | 789b214a31a71d7137e78ec7849729dcb9e3b8a75a7308f4a4b8b569c079222e
Microsoft Edge Chakra JIT InitClass Type Confusion
Posted Jan 17, 2019
Authored by Google Security Research, lokihardt

Microsoft Edge suffers from a type confusion vulnerability in InitClass.

tags | advisory
advisories | CVE-2019-0539
SHA-256 | 367c15a86b6530dbd43aa9b2697e9a86c38d5e598f2ee86f71e076458456cbc2
Microsoft Edge Chakra JIT NewScObjectNoCtor / InitProto Type Confusion
Posted Jan 17, 2019
Authored by Google Security Research, lokihardt

Microsoft Edge has an issue where NewScObjectNoCtor and InitProto opcodes are treated as having no side effects, but actually they can have via the SetIsPrototype method of the type handler that can cause transition to a new type. This can lead to type confusion in the JITed code.

tags | exploit
advisories | CVE-2019-0567
SHA-256 | 834d31cccca1204e88d3a244cd1080b2a05229d26e439537775eea80ec254732
Microsoft Edge 44.17763.1.0 Null Pointer Dereference
Posted Jan 6, 2019
Authored by Bogdan Kurinnoy

Microsoft Edge version 44.17763.1.0 suffers from a null pointer dereference vulnerability.

tags | exploit
SHA-256 | a11a849c5f67763fb7d352108d15d3790372eb4acfe09de283b30b2bacb51245
Microsoft Edge 42.17134.1.0 Denial Of Service
Posted Dec 22, 2018
Authored by Bogdan Kurinnoy

Microsoft Edge version 42.17134.1.0 Tree::ANode::DocumentLayout denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | 9acf1553b18b56a1c543ae6156a84a5ed7e2d14342a8efb0fc0ebc7ee7a97b07
Microsoft Edge Chakra OP_Memset Type Confusion
Posted Nov 19, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge suffers from a Chakra OP_Memset type confusion vulnerability.

tags | exploit
SHA-256 | 611fa33be1a70a1567073da40901233c4521faaaa46eb3028856e6977091b785
Microsoft Edge Chakra JIT Type Confusion Bug
Posted Oct 11, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge suffers from a Chakra JIT type confusion bug.

tags | exploit
advisories | CVE-2018-8467
SHA-256 | f1c02ccc951ceda6d6a1421129878de1d9f26aadbd450419b54c25dda564411f
Microsoft Edge Chakra JIT BailOutOnInvalidatedArrayHeadSegment Check Bypass
Posted Oct 11, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge suffers from a Chakra JIT BailOutOnInvalidatedArrayHeadSegment check bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2018-8466
SHA-256 | ec00b94941d6f0c365dbfe398115342baba4da955810b213e9dedced9dae355c
Microsoft Edge Sandbox Escape
Posted Sep 27, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge suffers from a sandbox escape vulnerability.

tags | exploit
advisories | CVE-2018-8463, CVE-2018-8468, CVE-2018-8469
SHA-256 | 53dae687e4a4409c81987ce450a88ac52d2a2a51eac4971e2a0712be2ba423d2
Microsoft Edge Chakra PathTypeHandlerBase::SetAttributesHelper Type Confusion
Posted Sep 18, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra suffers from a type confusion vulnerability with PathTypeHandlerBase::SetAttributesHelper.

tags | exploit
advisories | CVE-2018-8384
SHA-256 | 4e5a6b1c1ad36809123bcb9eced0fa48ac450dae86ec04c8b0efbd7b86c77fd8
Microsoft Edge Chakra JIT localeCompare Type Confusion
Posted Sep 18, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from a type confusion vulnerability in localeCompare.

tags | exploit
advisories | CVE-2018-8355
SHA-256 | 78f38be2f2306af460f7ceb3b4272fa71d5e515678096e5f3e5ef2769afdf332
Microsoft Edge Chakra JIT InlineArrayPush Type Confusion
Posted Aug 17, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from a type confusion vulnerability with InlineArrayPush.

tags | exploit
SHA-256 | 4d7c1c0bd391258ccf4d2a6df0bbe9fce45d445b76d8eb5317891fd7fc1cfef5
Microsoft Edge Chakra DictionaryPropertyDescriptor::CopyFrom Failed Copy
Posted Aug 17, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra has an issue where DictionaryPropertyDescriptor::CopyFrom does not copy all fields.

tags | exploit
advisories | CVE-2018-8291
SHA-256 | 02a9af64a615a45ba93686901284c1ca585f8e53c27860a4cfcb2c7a25376b37
Microsoft Edge Chakra Parameter Scope Parsing Bug
Posted Aug 17, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra suffers from a parameter scope parsing bug.

tags | exploit
advisories | CVE-2018-8279
SHA-256 | a916e8ee259ed452ab0ef0b7d6f4f736a5c6609e52233de54ab3341897861228
Microsoft Edge Chakra JIT ImplicitCallFlags Check Bypass
Posted Aug 17, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from an ImplicitCallFlags check bypass vulnerability with Intl.

tags | exploit, bypass
advisories | CVE-2018-8288
SHA-256 | fa2ba833d2e86afeca1956fc5c100501e728bc7ca7779f47078461ffbd346bab
Microsoft Edge Chakra JIT SetConcatStrMultiItemBE Type Confusion
Posted Jul 12, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from a type confusion vulnerability with hoisted SetConcatStrMultiItemBE instructions.

tags | exploit
advisories | CVE-2018-8229
SHA-256 | f4b986bf36dfb05720fc2029354aa57451279bbc79487e82145d40d7bd8a2aef
Microsoft Edge Chakra JIT BoundFunction::NewInstance Bug
Posted Jul 12, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from a bug. BoundFunction::NewInstance is used to handle calls to a bound function. The method first allocates a new argument array and copies the prepended arguments and others into the new argument array and calls the actual function. The problem is, it doesn't care about the CallFlags_NewTarget flag which indicates that there's an extra argument (new.target) at the end of the argument array. So the size of the new argument array created with the CallFlags_NewTarget flag will be always 1 less then required, this leads to an out-of-bounds read.

tags | exploit
advisories | CVE-2018-8139
SHA-256 | aa1bde86d10b95d8ca0ccfc5d06fd9edd0e20688c8eadfbfc61a463d88cdead5
Microsoft Edge Chakra JIT Out-Of-Bounds Reads/Writes
Posted Jul 12, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from multiple out of bounds reads and writes.

tags | exploit
advisories | CVE-2018-8145
SHA-256 | 14c73972e0db8500904cd6efa9a56ea40e8f8fbd7ed64d7345ffa202523fbfe4
Microsoft Edge Chakra EntrySimpleObjectSlotGetter Type Confusion
Posted May 31, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra suffers from an issue where EntrySimpleObjectSlotGetter can have side effects that cause a type confusion vulnerability.

tags | exploit
advisories | CVE-2018-8133
SHA-256 | dac02c231e7c37da88c204ab8918570d1df7d88c3ea07b2805f9d5afd9081f44
Microsoft Edge Chakra Cross Context Bug Use-After-Free
Posted May 24, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra suffers from a cross context use-after-free vulnerability.

tags | exploit
advisories | CVE-2018-0946
SHA-256 | 3b419c01f8a186a0bd97c1be1da5f223ed4332c77c38f000eedcab19808e3482
Microsoft Edge Chakra JIT Magic Value Type Confusion
Posted May 24, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from an issue where a magic value can cause a type confusion vulnerability.

tags | advisory
advisories | CVE-2018-0953
SHA-256 | b607bd66ac346df35ba88f1fbce5078e0b85fdb7c50c28f6628624a5252e48aa
Microsoft Edge OpenProcess() ACG Bypass
Posted Apr 17, 2018
Authored by Ivan Fratric, Google Security Research

Microsoft Edge suffers from an ACG bypass vulnerability with OpenProcess().

tags | exploit, bypass
SHA-256 | e13730c75ca6f8bb32812eaeb11c4e26810eb2412806aa44f43438d5b226c9b0
Page 1 of 4
Back1234Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    0 Files
  • 9
    Sep 9th
    0 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close