2106 matches found
Design/Logic Flaw
Object lifecycle issue in WebAssembly in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2018-6131
Object lifecycle issue in WebAssembly in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
UBUNTU-CVE-2018-6131
Object lifecycle issue in WebAssembly in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2018-6131
Object lifecycle issue in WebAssembly in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2018-6131
The CVE-2018-6131 issue is a WebAssembly vulnerability in Google Chrome prior to 67.0.3396.62. According to CNVD-2018-11489, a remote attacker could exploit this via a specially crafted website to bypass security restrictions and gain access to the system. The original description notes an object...
CVE-2018-6131
Removed by vendor...
Google Chrome WasmMemoryObject::Grow Use-After-Free
Chrome: Use-after-free in WasmMemoryObject::Grow VULNERABILITY DETAILS https://cs.chromium.org/chromium/src/v8/src/wasm/wasm-objects.cc?rcl=783343158eb1b147df7e6669f1d03c690c878e21&l=1253 int32t WasmMemoryObject::GrowIsolate isolate, Handle memoryobject, uint32t pages ... Handle newbuffer; if...
CVE-2019-6743
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Xiaomi Mi6 Browser prior to 10.4.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...
Heap overflow
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Xiaomi Mi6 Browser prior to 10.4.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...
CVE-2019-6743
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Xiaomi Mi6 Browser prior to 10.4.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...
Chrome 72.0.3626.119 FileReader Use-After-Free Exploit
This exploit takes advantage of a use after free vulnerability in Google Chrome 72.0.3626.119 running on Windows 7 x86. The FileReader.readAsArrayBuffer function can return multiple references to the same ArrayBuffer object, which can be freed and overwritten with sprayed objects. The dangling...
Chrome 72.0.3626.119 FileReader Use-After-Free
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Chrome 72.0.3626.119 FileReader UaF exploit for Windows 7 x86', 'Description' = %q This exploit takes advantage of a use after free vulnerability...
Google Chrome 72.0.3626.119 - 'FileReader' Use-After-Free (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Chrome 72.0.3626.119 FileReader UaF exploit for Windows 7 x86', 'Description' = %q This exploit takes advantage of a use after free vulnerability...
Chrome 72.0.3626.119 FileReader UaF exploit for Windows 7 x86
This exploit takes advantage of a use after free vulnerability in Google Chrome 72.0.3626.119 running on Windows 7 x86. The FileReader.readAsArrayBuffer function can return multiple references to the same ArrayBuffer object, which can be freed and overwritten with sprayed objects. The dangling...
(Pwn2Own) Xiaomi Mi6 Browser WebAssembly.Instance Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Xiaomi Mi6 Browser. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
openSUSE Security Update : webkit2gtk3 (openSUSE-2019-566)
This update for webkit2gtk3 to version 2.20.3 fixes the following issues : These security issues were fixed : - CVE-2018-4190: An unspecified issue allowed remote attackers to obtain sensitive credential information that is transmitted during a CSS mask-image fetch bsc1097693. - CVE-2018-4199: An...
openSUSE Security Update : Chromium (openSUSE-2019-548)
This update for Chromium to version 67.0.3396.99 fixes multiple issues. Security issues fixed bsc1095163 : - CVE-2018-6123: Use after free in Blink - CVE-2018-6124: Type confusion in Blink - CVE-2018-6125: Overly permissive policy in WebUSB - CVE-2018-6126: Heap buffer overflow in Skia -...
Unspecified vulnerability in Binaryen (CNVD-2019-34837)
Binaryen is a compiler infrastructure and toolchain library for WebAssembly written in C++. An unspecified vulnerability exists in Binaryen. An attacker can exploit this vulnerability to cause a denial of service with specially crafted input...
Binaryen Input Validation Vulnerability
Binaryen is a compiler infrastructure and toolchain library for WebAssembly written in C++. Binaryen suffers from an input validation vulnerability. An attacker can exploit this vulnerability to cause a denial of service assertion failure and crash with the help of a specially crafted wasm file...
Binaryen Buffer Overflow Vulnerability (CNVD-2019-34838)
Binaryen is a compiler infrastructure and toolchain library for WebAssembly written in C++. Binaryen suffers from a buffer overflow vulnerability. An attacker can exploit this vulnerability to cause a denial of service with specially crafted input...