2108 matches found
Critical RCE Flaw Discovered in Blockchain-Based EOS Smart Contract System
Security researchers have discovered a series of new vulnerabilities in EOS blockchain platform, one of which could allow remote hackers to take complete control over the node servers running the critical blockchain-based applications. EOS is an open source smart contract platform, known as...
Critical RCE Flaw Discovered in Blockchain-Based EOS Smart Contract System
Security researchers have discovered a series of new vulnerabilities in EOS blockchain platform, one of which could allow remote hackers to take complete control over the node servers running the critical blockchain-based applications. EOS is an open source smart contract platform, known as...
OPENSUSE-SU-2018:1437-1 Security update for Chromium
This update for Chromium to version 66.0.3359.181 fixes the following issues: - CVE-2018-6118: Use after free in Media Cache bsc1091288 - CVE-2018-6085: Use after free in Disk Cache - CVE-2018-6086: Use after free in Disk Cache - CVE-2018-6087: Use after free in WebAssembly - CVE-2018-6088: Use...
chromium-browser: Type confusion in V8
Type confusion in WebAssembly in Google Chrome prior to 66.0.3359.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2018-6122
Type confusion in WebAssembly in Google Chrome prior to 66.0.3359.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Mozilla Firefox WebAssembly Table Integer Underflow (CVE-2018-5093)
An integer underflow vulnerability exists in WebAssembly components of Mozilla Firefox. The vulnerability is due to insufficient validation during access of a Table object element...
FreeBSD : chromium -- vulnerability (36ff7a74-47b1-11e8-a7d6-54e1ad544088)
Google Chrome Releases reports : 62 security fixes in this release : - 826626 Critical CVE-2018-6085: Use after free in Disk Cache. Reported by Ned Williamson on 2018-03-28 - 827492 Critical CVE-2018-6086: Use after free in Disk Cache. Reported by Ned Williamson on 2018-03-30 - 813876 High...
chromium-browser: Integer overflow in WebAssembly
An integer overflow on 32-bit systems in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...
chromium-browser: Incorrect low memory handling in WebAssembly
A nullptr dereference in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page...
chromium-browser: Use after free in WebAssembly
A use-after-free in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...
openSUSE: Security Advisory for chromium (openSUSE-SU-2018:1042-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2018-6092
An integer overflow on 32-bit systems in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...
CVE-2018-6087
A use-after-free in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 66 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 66.0.3359.117 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcomin...
WebKit - WebAssembly Parsing Does not Correctly Check Section Order
WebKit - WebAssembly Parsing Does not Correctly Check Section Order When a WebAssembly binary is parsed in ModuleParser::parse, it is expected to contain certain sections in a certain order, but can also contain custom sections that can appear anywhere in the binary. The ordering check...
WebKit - WebAssembly Parsing Does not Correctly Check Section Order Vulnerability
Exploit for multiple platform in category dos / poc When a WebAssembly binary is parsed in ModuleParser::parse, it is expected to contain certain sections in a certain order, but can also contain custom sections that can appear anywhere in the binary. The ordering check validateOrder does not...
WebKit - WebAssembly Parsing Does not Correctly Check Section Order
When a WebAssembly binary is parsed in ModuleParser::parse, it is expected to contain certain sections in a certain order, but can also contain custom sections that can appear anywhere in the binary. The ordering check validateOrder does not adequately check that sections are in the correct order...
chromium-browser: race condition in v8
A race in the handling of SharedArrayBuffers in WebAssembly in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2018-6061
A race in the handling of SharedArrayBuffers in WebAssembly in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2017-5132
Inappropriate implementation in V8 in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka incorrect WebAssembly stack manipulation...