ROS-20220620-01

A vulnerability in the program monitoring the communication between the container manager and the conmon runtime environment is related to the fact that the application does not properly monitor the consumption of internal resources within the request ExecSync. Exploitation of the vulnerability...

Fluentd TD-agent plugin 4.0.1 - Insecure Folder Permission Vulnerability

Exploit Title: Fluentd TD-agent plugin 4.0.1 - Insecure Folder Permission Exploit Author: Adrian Bondocea Vendor Homepage: https://www.fluentd.org/ Software Link: https://td-agent-package-browser.herokuapp.com/4/windows Version: icacls C:\opt\td-agent\bin C:\opt\td-agent\bin...

(Pwn2Own) Apple Safari WebGLRenderingContextBase drawElements Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...

Yahoo! 助手(3721) ActiveX远程代码执行漏洞

漏洞存在于ynotifier.dll这个ActiveX控件. 成功利用此漏洞可以使得攻击者能够在安装了Yahoo!助手的电脑上执行任意代码. 成功利用此漏洞需要诱使用户访问特定网页. 在通过IE初始化Ynoifier COM对象时,会出现一个可利用的内存破坏漏洞. c78.fa0: Access violation - code c0000005 first chance First chance exceptions are reported before any exception handling. This exception may be expected and handle...