Lucene search
K

562 matches found

Prion
Prion
added 2018/10/18 1:29 p.m.26 views

Type confusion

A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability affects Firefox ESR 60.2.2 and Firefox 62.0.3...

5.8CVSS8.2AI score0.13417EPSS
Exploits2References9Affected Software10
Debian CVE
Debian CVE
added 2018/10/18 1:0 p.m.32 views

CVE-2018-12386

A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability affects Firefox ESR 60.2.2 and Firefox 62.0.3...

8.1CVSS9.3AI score0.13417EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2018/10/08 8:0 p.m.11 views

Mozilla: type confusion in JavaScript

A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability affects Firefox ESR 60.2.2 and Firefox 62.0.3...

8.1CVSS8AI score0.13417EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2018/10/08 8:32 a.m.12 views

Mozilla: type confusion in JavaScript

A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability affects Firefox ESR 60.2.2 and Firefox 62.0.3...

8.1CVSS8AI score0.13417EPSS
Exploits2References5
OSV
OSV
added 2018/10/03 12:0 a.m.2 views

UBUNTU-CVE-2018-12386

A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability affects Firefox ESR 60.2.2 and Firefox 62.0.3...

8.1CVSS7.9AI score0.13417EPSS
Exploits2References4
UbuntuCve
UbuntuCve
added 2018/10/03 12:0 a.m.21 views

CVE-2018-12386

A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability affects Firefox ESR 60.2.2 and Firefox 62.0.3...

8.1CVSS7.4AI score0.13417EPSS
Exploits2References3
0day.today
0day.today
added 2018/09/18 12:0 a.m.28 views

Linux 4.18 - Arbitrary Kernel Read into dmesg via Missing Address Check in segfault Handler

Exploit for linux platform in category dos / poc There is a missing address check in both showopcodes callers. showopcodes is mostly used by the kernel to print the raw instruction bytes surrounding an instruction that generated an unexpected exception; however, sometimes it is also used to print...

0.7AI score
Exploits0
CNVD
CNVD
added 2018/08/18 12:0 a.m.3 views

Arbitrary Memory Read Vulnerability in Hologic LE5109L PLCs

HOLLIS Group is a professional automation company integrating R&D, production, sales and technical service. An arbitrary memory read vulnerability exists in the HELISE LE5109L PLC, which can be exploited to cause the value of any register in the PLC to be read arbitrarily by constructing a specif...

6.9AI score
Exploits0
Packet Storm
Packet Storm
added 2018/07/18 12:0 a.m.51 views

JavaScript Core Arbitrary Code Execution

// Load Int library, thanks saelo! load'util.js'; load'int64.js'; // Helpers to convert from float to in a few random places var conva = new ArrayBuffer8; var convf = new Float64Arrayconva; var convi = new Uint32Arrayconva; var convi8 = new Uint8Arrayconva; var floatarrmagic = new...

5.1CVSS0.3AI score0.12472EPSS
Exploits3
CNVD
CNVD
added 2018/07/03 12:0 a.m.5 views

Multiple Vulnerabilities in Phusion Passenger SpawningKit

Phusion Passenger is an Apache module from Phusion Netherlands for deploying Ruby on Rails projects on Apache and Nginx web servers.SpawningKit is one of the components. A security vulnerability exists in SpawningKit in version 5.3.x of Phusion Passenger prior to 5.3.2. An attacker can exploit th...

9.8CVSS9.3AI score0.01948EPSS
Exploits0References1
CNVD
CNVD
added 2018/04/25 12:0 a.m.7 views

Google Android has an unspecified vulnerability (CNVD-2018-10037)

Android is a Linux-based open-source operating system jointly developed by Google and the Open Handheld Alliance OHA for short, and Qualcomm MDM9625 and other central processing unit CPU products from Qualcomm are used in different platforms. A security vulnerability exists in the Qualcomm...

10CVSS7AI score0.0118EPSS
Exploits0References1
NVD
NVD
added 2018/04/18 2:29 p.m.26 views

CVE-2015-9108

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, no address argument validation performed on calls to a QSEE syscall may lead to arbitrary read/write or NUL...

10CVSS8.5AI score0.0118EPSS
Exploits0References2
Prion
Prion
added 2018/04/18 2:29 p.m.22 views

Null pointer dereference

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, no address argument validation performed on calls to a QSEE syscall may lead to arbitrary read/write or NUL...

10CVSS8.2AI score0.0118EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/04/18 2:0 p.m.23 views

CVE-2015-9108

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, no address argument validation performed on calls to a QSEE syscall may lead to arbitrary read/write or NUL...

9.7AI score0.0118EPSS
Exploits0References2
seebug.org
seebug.org
added 2018/03/16 12:0 a.m.424 views

Ubuntu本地提权漏洞(CVE-2017-16995)

Since commit f1174f77b50c "bpf/verifier: rework value tracking", the eBPF range tracking is security-relevant for the verification of eBPF code provided by unprivileged users. Therefore, any tiny slip-up in the arithmetic range tracking now turns into an arbitrary read+write in the full kernel...

7.2CVSS7.7AI score0.30052EPSS
Exploits16
exploitpack
exploitpack
added 2018/01/24 12:0 a.m.84 views

Oracle VirtualBox 5.1.30 5.2-rc1 - Guest to Host Escape

Oracle VirtualBox 5.1.30 5.2-rc1 - Guest to Host Escape SSD Advisory – Oracle VirtualBox Multiple Guest to Host Escape Vulnerabilities Source: https://blogs.securiteam.com/index.php/archives/3649 Vulnerabilities summary The following advisory describes two 2 guest to host escape found in Oracle...

4.1CVSS0.01658EPSS
Exploits6
Packet Storm
Packet Storm
added 2018/01/24 12:0 a.m.70 views

Oracle VirtualBox Guest To Host Escape

SSD Advisory a Oracle VirtualBox Multiple Guest to Host Escape Vulnerabilities Source: https://blogs.securiteam.com/index.php/archives/3649 Vulnerabilities summary The following advisory describes two 2 guest to host escape found in Oracle VirtualBox version 5.1.30, and VirtualBox version 5.2-rc1...

8.6AI score0.01658EPSS
Exploits6
0day.today
0day.today
added 2017/12/06 12:0 a.m.31 views

Microsoft Edge Chakra CFG Bypass With leafInterpreterFrame Vulnerability

Chakra suffers from a CFG bypass with leafInterpreterFrame. Every JavaScript variable in Chakra except a tagged int is a pointer. From this pointer, using an arbitrary read, it is possible to follow a chain of pointers and end up with a pointer to the native stack. This allows disclosing the stac...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2017/11/06 12:0 a.m.48 views

Linux Kernel 4.13 (Ubuntu 17.10) - waitid() SMEPSMAPChrome Sandbox Privilege Escalation

Linux Kernel 4.13 Ubuntu 17.10 - waitid SMEPSMAPChrome Sandbox Privilege Escalation // Proof of concept exploit for waitid bug introduced in Linux Kernel 4.13 // By Chris Salls twitter.com/chrissalls // This exploit can be used to break out out of sandboxes such as that in google chrome // In thi...

1AI score
Exploits0
Exploit DB
Exploit DB
added 2017/11/06 12:0 a.m.209 views

Linux Kernel 4.13 (Ubuntu 17.10) - 'waitid()' SMEP/SMAP/Chrome Sandbox Privilege Escalation

// Proof of concept exploit for waitid bug introduced in Linux Kernel 4.13 // By Chris Salls twitter.com/chrissalls // This exploit can be used to break out out of sandboxes such as that in google chrome // In this proof of concept we install the seccomp filter from chrome as well as a chroot, //...

7.4AI score
Exploits0
Rows per page
Query Builder