Lucene search
K

2108 matches found

The Hacker News
The Hacker News
added 2018/05/29 9:34 a.m.97 views

Critical RCE Flaw Discovered in Blockchain-Based EOS Smart Contract System

Security researchers have discovered a series of new vulnerabilities in EOS blockchain platform, one of which could allow remote hackers to take complete control over the node servers running the critical blockchain-based applications. EOS is an open source smart contract platform, known as...

0.5AI score
Exploits0
The Hacker News
The Hacker News
added 2018/05/29 9:34 a.m.1 views

Critical RCE Flaw Discovered in Blockchain-Based EOS Smart Contract System

Security researchers have discovered a series of new vulnerabilities in EOS blockchain platform, one of which could allow remote hackers to take complete control over the node servers running the critical blockchain-based applications. EOS is an open source smart contract platform, known as...

8.5AI score
Exploits0
OSV
OSV
added 2018/05/27 11:26 a.m.8 views

OPENSUSE-SU-2018:1437-1 Security update for Chromium

This update for Chromium to version 66.0.3359.181 fixes the following issues: - CVE-2018-6118: Use after free in Media Cache bsc1091288 - CVE-2018-6085: Use after free in Disk Cache - CVE-2018-6086: Use after free in Disk Cache - CVE-2018-6087: Use after free in WebAssembly - CVE-2018-6088: Use...

10CVSS7.2AI score0.58822EPSS
Exploits10References72
RedHat Linux
RedHat Linux
added 2018/05/14 6:51 p.m.6 views

chromium-browser: Type confusion in V8

Type confusion in WebAssembly in Google Chrome prior to 66.0.3359.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.4AI score0.00717EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2018/05/11 12:20 p.m.29 views

CVE-2018-6122

Type confusion in WebAssembly in Google Chrome prior to 66.0.3359.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS2.9AI score0.00717EPSS
Exploits0References2
Check Point Advisories
Check Point Advisories
added 2018/05/02 12:0 a.m.5 views

Mozilla Firefox WebAssembly Table Integer Underflow (CVE-2018-5093)

An integer underflow vulnerability exists in WebAssembly components of Mozilla Firefox. The vulnerability is due to insufficient validation during access of a Table object element...

5CVSS3.3AI score0.20024EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/04/25 12:0 a.m.31 views

FreeBSD : chromium -- vulnerability (36ff7a74-47b1-11e8-a7d6-54e1ad544088)

Google Chrome Releases reports : 62 security fixes in this release : - 826626 Critical CVE-2018-6085: Use after free in Disk Cache. Reported by Ned Williamson on 2018-03-28 - 827492 Critical CVE-2018-6086: Use after free in Disk Cache. Reported by Ned Williamson on 2018-03-30 - 813876 High...

8.8CVSS7AI score0.09186EPSS
Exploits4References36
RedHat Linux
RedHat Linux
added 2018/04/23 12:36 p.m.3 views

chromium-browser: Integer overflow in WebAssembly

An integer overflow on 32-bit systems in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

8.8CVSS7.8AI score0.09186EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2018/04/23 12:36 p.m.5 views

chromium-browser: Incorrect low memory handling in WebAssembly

A nullptr dereference in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page...

6.5CVSS7.4AI score0.01424EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/04/23 12:36 p.m.10 views

chromium-browser: Use after free in WebAssembly

A use-after-free in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

8.8CVSS7.8AI score0.03453EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2018/04/21 12:0 a.m.37 views

openSUSE: Security Advisory for chromium (openSUSE-SU-2018:1042-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS6.6AI score0.09186EPSS
Exploits3References2
RedhatCVE
RedhatCVE
added 2018/04/18 9:24 a.m.26 views

CVE-2018-6092

An integer overflow on 32-bit systems in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

8.8CVSS4.8AI score0.09186EPSS
Exploits2References2
RedhatCVE
RedhatCVE
added 2018/04/18 9:19 a.m.24 views

CVE-2018-6087

A use-after-free in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

8.8CVSS4.4AI score0.03453EPSS
Exploits0References2
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2018/04/17 12:0 a.m.24 views

Stable Channel Update for Desktop

The Chrome team is delighted to announce the promotion of Chrome 66 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 66.0.3359.117 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcomin...

9.6CVSS8.1AI score0.09186EPSS
Exploits4Affected Software1
exploitpack
exploitpack
added 2018/04/09 12:0 a.m.15 views

WebKit - WebAssembly Parsing Does not Correctly Check Section Order

WebKit - WebAssembly Parsing Does not Correctly Check Section Order When a WebAssembly binary is parsed in ModuleParser::parse, it is expected to contain certain sections in a certain order, but can also contain custom sections that can appear anywhere in the binary. The ordering check...

Exploits0
0day.today
0day.today
added 2018/04/09 12:0 a.m.77 views

WebKit - WebAssembly Parsing Does not Correctly Check Section Order Vulnerability

Exploit for multiple platform in category dos / poc When a WebAssembly binary is parsed in ModuleParser::parse, it is expected to contain certain sections in a certain order, but can also contain custom sections that can appear anywhere in the binary. The ordering check validateOrder does not...

8.3AI score0.13207EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/04/09 12:0 a.m.29 views

WebKit - WebAssembly Parsing Does not Correctly Check Section Order

When a WebAssembly binary is parsed in ModuleParser::parse, it is expected to contain certain sections in a certain order, but can also contain custom sections that can appear anywhere in the binary. The ordering check validateOrder does not adequately check that sections are in the correct order...

7.4AI score
Exploits0
RedHat Linux
RedHat Linux
added 2018/03/12 6:21 p.m.2 views

chromium-browser: race condition in v8

A race in the handling of SharedArrayBuffers in WebAssembly in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

7.5CVSS7.4AI score0.01345EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2018/03/07 8:54 a.m.22 views

CVE-2018-6061

A race in the handling of SharedArrayBuffers in WebAssembly in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS5AI score0.01345EPSS
Exploits0References2
OSV
OSV
added 2018/02/07 11:29 p.m.3 views

CVE-2017-5132

Inappropriate implementation in V8 in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka incorrect WebAssembly stack manipulation...

8.8CVSS7.3AI score0.01588EPSS
Exploits0References6
Rows per page
Query Builder