2106 matches found
The Safety Boat: Kubernetes and Rust
Our team, DeisLabs, recently released a new piece of software called Krustlet, which is a tool for running WebAssembly modules on the popular, open-source container management tool called Kubernetes. Kubernetes is used quite extensively to run cloud software across many vendors and companies and ...
The Safety Boat: Kubernetes and Rust
Our team, DeisLabs, recently released a new piece of software called Krustlet, which is a tool for running WebAssembly modules on the popular, open-source container management tool called Kubernetes. Kubernetes is used quite extensively to run cloud software across many vendors and companies and ...
The Safety Boat: Kubernetes and Rust
Our team, DeisLabs, recently released a new piece of software called Krustlet, which is a tool for running WebAssembly modules on the popular, open-source container management tool called Kubernetes. Kubernetes is used quite extensively to run cloud software across many vendors and companies and ...
Google Chrome 72 and 73 - Array.map Out-of-Bounds Write (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Google Chrome 72 and 73 Array.map exploit', 'Description' = %q This module exploits an issue in Chrome 73.0.3683.86 64 bit. The exploit corrupts...
Google Chrome 80 - JSCreate Side-effect Type Confusion (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Google Chrome 80 JSCreate side-effect type confusion exploit', 'Description' = %q This module exploits an issue in Google Chrome 80.0.3987.87 64...
Google Chrome 80 JSCreate Side-Effect Type Confusion Exploit
This Metasploit module exploits an issue in Google Chrome version 80.0.3987.87 64 bit. The exploit corrupts the length of a float array floatrel, which can then be used for out of bounds read and write on adjacent memory. The relative read and write is then used to modify a UInt64Array uint64aarw...
Google Chrome 72 / 73 Array.map Corruption Exploit
This Metasploit module exploits an issue in Chrome version 73.0.3683.86 64 bit. The exploit corrupts the length of a float in order to modify the backing store of a typed array. The typed array can then be used to read and write arbitrary memory. The exploit then uses WebAssembly in order to...
Google Chrome 80 JSCreate Side-Effect Type Confusion
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Google Chrome 80 JSCreate side-effect type confusion exploit', 'Description' = %q This module exploits an issue in Google Chrome 80.0.3987.87 64...
Google Chrome 72 / 73 Array.map Corruption
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Google Chrome 72 and 73 Array.map exploit', 'Description' = %q This module exploits an issue in Chrome 73.0.3683.86 64 bit. The exploit corrupts...
Google Chrome 80 JSCreate side-effect type confusion exploit
This module exploits an issue in Google Chrome 80.0.3987.87 64 bit. The exploit corrupts the length of a float array floatrel, which can then be used for out of bounds read and write on adjacent memory. The relative read and write is then used to modify a UInt64Array uint64aarw which is used for...
llvm:llvm-isel-fuzzer--wasm32-O2: Use-after-poison in WebAssemblyRegStackify::runOnMachineFunction
Detailed Report: https://oss-fuzz.com/testcase?key=5717684832698368 Project: llvm Fuzzing Engine: libFuzzer Fuzz Target: llvm-isel-fuzzer--wasm32-O2 Job Type: libfuzzerasanllvm Platform Id: linux Crash Type: Use-after-poison READ 8 Crash Address: 0x621000071080 Crash State:...
The vulnerability of the WebAssembly component in Google Chrome’s browser allows a hacker to execute arbitrary code.
The vulnerability of the WebAssembly component in Google Chrome’s browser relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code using a specially created HTML page...
wabt:wasm2wat_fuzzer: Heap-buffer-overflow in wabt::string_view::compare
Project: https://github.com/WebAssembly/wabt.git Detailed Report: https://oss-fuzz.com/testcase?key=5195494439780352 Project: wabt Fuzzing Engine: libFuzzer Fuzz Target: wasm2watfuzzer Job Type: libfuzzerasani386wabt Platform Id: linux Crash Type: Heap-buffer-overflow READ 6 Crash Address:...
Google Chrome 72 and 73 Array.map exploit
This module exploits an issue in Chrome 73.0.3683.86 64 bit. The exploit corrupts the length of a float in order to modify the backing store of a typed array. The typed array can then be used to read and write arbitrary memory. The exploit then uses WebAssembly in order to allocate a region of RW...
CVE-2018-17458
An improper update of the WebAssembly dispatch table in WebAssembly in Google Chrome prior to 69.0.3497.92 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...
Binaryen Input Validation Error Vulnerability
Binaryen is a compiler infrastructure and toolchain library for WebAssembly written in C++. Binaryen suffers from an input validation error vulnerability. An attacker could exploit this vulnerability to cause a denial of service with specially crafted input...
Binaryen Code Issue Vulnerability
Binaryen is a compiler infrastructure and toolchain library for WebAssembly written in C++. Binaryen is vulnerable to a code issue. An attacker could exploit this vulnerability via specially crafted input to cause a segmentation error, which could result in a denial of service...
July 16, 2019—KB4507465 (OS Build 16299.1296 )
July 16, 2019—KB4507465 OS Build 16299.1296 Reminder: March 12 and April 9 will be the last two Delta updates for Windows 10, version 1709. Security and quality updates will continue to be available via the express and full cumulative update packages. For more information on this change please...
CVE-2018-6131
Object lifecycle issue in WebAssembly in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2018-6131
Object lifecycle issue in WebAssembly in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...