Lucene search
K

2106 matches found

MSRC
MSRC
added 2020/04/29 3:35 p.m.38 views

The Safety Boat: Kubernetes and Rust

Our team, DeisLabs, recently released a new piece of software called Krustlet, which is a tool for running WebAssembly modules on the popular, open-source container management tool called Kubernetes. Kubernetes is used quite extensively to run cloud software across many vendors and companies and ...

2.3AI score
Exploits0
MSRC
MSRC
added 2020/04/29 7:0 a.m.10 views

The Safety Boat: Kubernetes and Rust

Our team, DeisLabs, recently released a new piece of software called Krustlet, which is a tool for running WebAssembly modules on the popular, open-source container management tool called Kubernetes. Kubernetes is used quite extensively to run cloud software across many vendors and companies and ...

2.5AI score
Exploits0
MSRC
MSRC
added 2020/04/29 7:0 a.m.9 views

The Safety Boat: Kubernetes and Rust

Our team, DeisLabs, recently released a new piece of software called Krustlet, which is a tool for running WebAssembly modules on the popular, open-source container management tool called Kubernetes. Kubernetes is used quite extensively to run cloud software across many vendors and companies and ...

6.9AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/09 12:0 a.m.223 views

Google Chrome 72 and 73 - Array.map Out-of-Bounds Write (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Google Chrome 72 and 73 Array.map exploit', 'Description' = %q This module exploits an issue in Chrome 73.0.3683.86 64 bit. The exploit corrupts...

6.5CVSS7.1AI score0.55925EPSS
Exploits6
Exploit DB
Exploit DB
added 2020/03/09 12:0 a.m.243 views

Google Chrome 80 - JSCreate Side-effect Type Confusion (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Google Chrome 80 JSCreate side-effect type confusion exploit', 'Description' = %q This module exploits an issue in Google Chrome 80.0.3987.87 64...

8.8CVSS7.7AI score0.78808EPSS
Exploits6
0day.today
0day.today
added 2020/03/06 12:0 a.m.211 views

Google Chrome 80 JSCreate Side-Effect Type Confusion Exploit

This Metasploit module exploits an issue in Google Chrome version 80.0.3987.87 64 bit. The exploit corrupts the length of a float array floatrel, which can then be used for out of bounds read and write on adjacent memory. The relative read and write is then used to modify a UInt64Array uint64aarw...

8.8CVSS7.4AI score0.78808EPSS
Exploits6
0day.today
0day.today
added 2020/03/06 12:0 a.m.209 views

Google Chrome 72 / 73 Array.map Corruption Exploit

This Metasploit module exploits an issue in Chrome version 73.0.3683.86 64 bit. The exploit corrupts the length of a float in order to modify the backing store of a typed array. The typed array can then be used to read and write arbitrary memory. The exploit then uses WebAssembly in order to...

6.5CVSS7.5AI score0.55925EPSS
Exploits6
Packet Storm
Packet Storm
added 2020/03/05 12:0 a.m.230 views

Google Chrome 80 JSCreate Side-Effect Type Confusion

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Google Chrome 80 JSCreate side-effect type confusion exploit', 'Description' = %q This module exploits an issue in Google Chrome 80.0.3987.87 64...

4.3CVSS0.78808EPSS
Exploits6
Packet Storm
Packet Storm
added 2020/03/05 12:0 a.m.119 views

Google Chrome 72 / 73 Array.map Corruption

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Google Chrome 72 and 73 Array.map exploit', 'Description' = %q This module exploits an issue in Chrome 73.0.3683.86 64 bit. The exploit corrupts...

4.3CVSS0.4AI score0.55925EPSS
Exploits6
Metasploit
Metasploit
added 2020/02/29 10:41 a.m.148 views

Google Chrome 80 JSCreate side-effect type confusion exploit

This module exploits an issue in Google Chrome 80.0.3987.87 64 bit. The exploit corrupts the length of a float array floatrel, which can then be used for out of bounds read and write on adjacent memory. The relative read and write is then used to modify a UInt64Array uint64aarw which is used for...

8.8CVSS7.4AI score0.78808EPSS
Exploits6
ossfuzz
ossfuzz
added 2020/02/19 8:40 a.m.37 views

llvm:llvm-isel-fuzzer--wasm32-O2: Use-after-poison in WebAssemblyRegStackify::runOnMachineFunction

Detailed Report: https://oss-fuzz.com/testcase?key=5717684832698368 Project: llvm Fuzzing Engine: libFuzzer Fuzz Target: llvm-isel-fuzzer--wasm32-O2 Job Type: libfuzzerasanllvm Platform Id: linux Crash Type: Use-after-poison READ 8 Crash Address: 0x621000071080 Crash State:...

6.8AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/12/03 12:0 a.m.5 views

The vulnerability of the WebAssembly component in Google Chrome’s browser allows a hacker to execute arbitrary code.

The vulnerability of the WebAssembly component in Google Chrome’s browser relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code using a specially created HTML page...

10CVSS8.2AI score0.00896EPSS
Exploits0References7Affected Software2
ossfuzz
ossfuzz
added 2019/11/16 12:6 a.m.19 views

wabt:wasm2wat_fuzzer: Heap-buffer-overflow in wabt::string_view::compare

Project: https://github.com/WebAssembly/wabt.git Detailed Report: https://oss-fuzz.com/testcase?key=5195494439780352 Project: wabt Fuzzing Engine: libFuzzer Fuzz Target: wasm2watfuzzer Job Type: libfuzzerasani386wabt Platform Id: linux Crash Type: Heap-buffer-overflow READ 6 Crash Address:...

6.8AI score
Exploits0Affected Software1
Metasploit
Metasploit
added 2019/11/13 2:26 p.m.60 views

Google Chrome 72 and 73 Array.map exploit

This module exploits an issue in Chrome 73.0.3683.86 64 bit. The exploit corrupts the length of a float in order to modify the backing store of a typed array. The typed array can then be used to read and write arbitrary memory. The exploit then uses WebAssembly in order to allocate a region of RW...

6.5CVSS7.2AI score0.55925EPSS
Exploits6
RedhatCVE
RedhatCVE
added 2019/10/08 11:43 p.m.28 views

CVE-2018-17458

An improper update of the WebAssembly dispatch table in WebAssembly in Google Chrome prior to 69.0.3497.92 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

8.8CVSS4AI score0.02222EPSS
Exploits0References2
CNVD
CNVD
added 2019/08/29 12:0 a.m.2 views

Binaryen Input Validation Error Vulnerability

Binaryen is a compiler infrastructure and toolchain library for WebAssembly written in C++. Binaryen suffers from an input validation error vulnerability. An attacker could exploit this vulnerability to cause a denial of service with specially crafted input...

6.5CVSS6.7AI score0.01242EPSS
Exploits1References1
CNVD
CNVD
added 2019/08/29 12:0 a.m.2 views

Binaryen Code Issue Vulnerability

Binaryen is a compiler infrastructure and toolchain library for WebAssembly written in C++. Binaryen is vulnerable to a code issue. An attacker could exploit this vulnerability via specially crafted input to cause a segmentation error, which could result in a denial of service...

6.5CVSS7AI score0.01253EPSS
Exploits1References1
Microsoft KB
Microsoft KB
added 2019/08/19 12:0 a.m.7 views

July 16, 2019—KB4507465 (OS Build 16299.1296 )

July 16, 2019—KB4507465 OS Build 16299.1296 Reminder: March 12 and April 9 will be the last two Delta updates for Windows 10, version 1709. Security and quality updates will continue to be available via the express and full cumulative update packages. For more information on this change please...

6.8AI score
Exploits0
OSV
OSV
added 2019/06/27 5:15 p.m.1 views

CVE-2018-6131

Object lifecycle issue in WebAssembly in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS5.8AI score
Exploits0References2
NVD
NVD
added 2019/06/27 5:15 p.m.13 views

CVE-2018-6131

Object lifecycle issue in WebAssembly in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.1AI score0.00896EPSS
Exploits0References2
Rows per page
Query Builder