792 matches found
CVE-2018-15732
CVE-2018-15732 affects STOPzilla AntiMalware 6.5.2.59. The driver szkg64.sys contains an Arbitrary Write vulnerability due to failure to validate the output buffer address value provided via IOCTL 0x80002063. Public documents (NVD, Red Hat, CNVD, CNVD-2019-40576) describe the issue and confirm th...
CVE-2018-15732
An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Arbitrary Write vulnerability due to not validating the output buffer address value from IOCtl 0x80002063...
CVE-2018-15734
An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Arbitrary Write vulnerability due to not validating the output buffer address value from IOCtl 0x8000206B...
CVE-2018-15734
Summary: CVE-2018-15734 affects STOPzilla AntiMalware 6.5.2.59, via the driver file szkg64.sys. The vulnerability is an Arbitrary Write caused by not validating the output buffer address value from IOCTL 0x8000206B. Public documents (CNVD-2019-40577) state an attacker could exploit this to write ...
CVE-2018-15735
An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Arbitrary Write vulnerability due to not validating the output buffer address value from IOCtl 0x8000206F...
CVE-2018-15735
The CVE-2018-15735 issue affects STOPzilla AntiMalware 6.5.2.59 in the szkg64.sys driver, where an Arbitrary Write vulnerability arises from not validating the output-buffer address for IOCTL 0x8000206F. According to the linked metrics, exploitation is local with low complexity and requires low p...
Microsoft Internet Explorer Windows 10 1809 17763.316 - Scripting Engine Memory Corruption Exploit
Content Dim ar1&h3000000 Dim ar21000 Dim gremlin addressOfGremlin = &h28281000 Class MyClass Private mValue Public Property Let Valuev mValue = v End Property Public Default Property Get P P = mValue ' Where to write End Property End Class Sub TriggerWritewhere, val Dim v1 Set v1 =...
Microsoft Internet Explorer Windows 10 1809 17763.316 - Scripting Engine Memory Corruption
Microsoft Internet Explorer Windows 10 1809 17763.316 - Scripting Engine Memory Corruption Content Dim ar1&h3000000 Dim ar21000 Dim gremlin addressOfGremlin = &h28281000 Class MyClass Private mValue Public Property Let Valuev mValue = v End Property Public Default Property Get P P = mValue ' Wher...
Microsoft Internet Explorer Windows 10 1809 17763.316 Memory Corruption
Content Dim ar1&h3000000 Dim ar21000 Dim gremlin addressOfGremlin = &h28281000 Class MyClass Private mValue Public Property Let Valuev mValue = v End Property Public Default Property Get P P = mValue ' Where to write End Property End Class Sub TriggerWritewhere, val Dim v1 Set v1 =...
Microsoft Internet Explorer Windows 10 1809 17763.316 - Scripting Engine Memory Corruption
Exploit Title: Microsoft Internet Explorer Windows 10 1809 17763.316 - Scripting Engine Memory Corruption Date: 03/2019 Author: Simon Zuckerbraun Vendor: https://www.microsoft.com/ Version: February 2019 patch level Tested on: Windows 10 1809 17763.316 CVE: CVE-2019-0752 Content Dim ar1&h3000000...
Trashing the Flow of Data
Posted by Stephen Röttger. In this blog post I want to present crbug.com/944062, a vulnerability in Chrome’s JavaScript compiler TurboFan that was discovered independently by Samuel (saelo@) via fuzzing with fuzzilli, and by myself via manual code auditing. The bug was found in beta and was fixed...
DEBIAN-CVE-2019-9791
The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time (JIT) compiler and when the constructor function is entered through on-stack replacement (OSR). This allows for possible arbitrary...
UBUNTU-CVE-2019-10878
In Teeworlds 0.7.2, there is a failed bounds check in CDataFileReader::GetData and CDataFileReader::ReplaceData and related functions in engine/shared/datafile.cpp that can lead to an arbitrary free and out-of-bounds pointer write, possibly resulting in remote code execution...
VMware Workstation 14.1.5 / VMware Player 15.0.2 - Host VMX Process Impersonation Hijack Privilege Escalation
VMware: Host VMX Process Impersonation Hijack EoP Platform: VMware Workstation Windows v14.1.5 on Windows 10. Also tested VMware Player 15.0.2. Class: Elevation of Privilege Summary: The creation of the VMX process on a Windows host can be hijacked leading to elevation of privilege. Description:...
Mozilla Firefox and Firefox ESR Type Obfuscation Vulnerability (CNVD-2019-08528)
Mozilla Firefox and Firefox ESR are both products of the Mozilla Foundation in the U.S. Mozilla Firefox is an open source web browser. Firefox ESR is an extended support version of Firefox web browser. A security vulnerability exists in Mozilla Firefox versions prior to 66 and Firefox ESR versions...
UBUNTU-CVE-2019-9791
The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time (JIT) compiler and when the constructor function is entered through on-stack replacement (OSR). This allows for possible arbitrary...
CVE-2018-13912
Arbitrary write issue can occur when user provides kernel address in compat mode in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650,...
CVE-2018-13912
CVE-2018-13912 describes an Arbitrary write in Qualcomm camera components when a kernel address is provided in compat mode on a wide range of Snapdragon platforms (e.g., Snapdragon Auto/Connectivity/Consumer IOT/Industrial IOT/Mobile/Voice & Music/Wearables; various SDM/SD variants). The issue ap...
CVE-2018-13912
Arbitrary write issue can occur when user provides kernel address in compat mode in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650,...
Code injection
Arbitrary write issue can occur when user provides kernel address in compat mode in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650,...