Lucene search
K

57 matches found

NVD
NVD
added 2019/07/17 1:15 p.m.27 views

CVE-2019-13272

In the Linux kernel before 5.1.17, ptracelink in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a...

7.8CVSS7.3AI score0.52199EPSS
Exploits21References30
UbuntuCve
UbuntuCve
added 2019/07/17 12:0 a.m.78 views

CVE-2019-13272

In the Linux kernel before 5.1.17, ptracelink in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a...

7.8CVSS6.9AI score0.52199EPSS
Exploits21References9
0day.today
0day.today
added 2019/07/17 12:0 a.m.140 views

Linux - Broken Permission and Object Lifetime Handling for PTRACE_TRACEME Exploit

Exploit for linux platform in category local exploits Linux - Broken Permission and Object Lifetime Handling for PTRACETRACEME Exploit == Summary == This bug report describes two issues introduced by commit 64b875f7ac8a "ptrace: Capture the ptracer's creds not PTPTRACECAP", introduced in v4.10 bu...

7.2CVSS8AI score0.52199EPSS
Exploits21
exploitpack
exploitpack
added 2019/07/17 12:0 a.m.25 views

Linux - Broken Permission and Object Lifetime Handling for PTRACE_TRACEME

Linux - Broken Permission and Object Lifetime Handling for PTRACETRACEME == Summary == This bug report describes two issues introduced by commit 64b875f7ac8a "ptrace: Capture the ptracer's creds not PTPTRACECAP", introduced in v4.10 but also stable-backported to older versions. I will send a...

0.3AI score
Exploits0
OSV
OSV
added 2019/06/27 5:15 p.m.8 views

CVE-2019-5807

Object lifetime issue in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS8.8AI score
Exploits0References8
NVD
NVD
added 2019/06/27 5:15 p.m.29 views

CVE-2019-5786

Object lifetime issue in Blink in Google Chrome prior to 72.0.3626.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page...

6.5CVSS6.4AI score0.61537EPSS
Exploits10References3
UbuntuCve
UbuntuCve
added 2019/06/27 5:15 p.m.27 views

CVE-2018-17479

Incorrect object lifetime calculations in GPU code in Google Chrome prior to 70.0.3538.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.3AI score0.00895EPSS
Exploits0References1
OSV
OSV
added 2019/06/27 5:15 p.m.3 views

UBUNTU-CVE-2019-5786

Object lifetime issue in Blink in Google Chrome prior to 72.0.3626.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page...

6.5CVSS7.1AI score0.61537EPSS
Exploits10References3
Prion
Prion
added 2019/06/27 5:15 p.m.25 views

Design/Logic Flaw

Object lifetime issue in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

6.8CVSS8.4AI score0.01402EPSS
Exploits0References8Affected Software5
CVE
CVE
added 2019/06/27 4:13 p.m.1355 views

CVE-2019-5786

CVE-2019-5786 corresponds to a heap use-after-free in Google Chrome’s Blink layer affecting the FileReader API, enabling a remote attacker to potentially cause out-of-bounds memory access via a crafted HTML page. The CVE is documented as a vulnerability in Blink prior to 72.0.3626.121, with the v...

6.5CVSS6.2AI score0.61537EPSS
In wildExploits10References3Affected Software1
Cvelist
Cvelist
added 2019/06/27 4:13 p.m.29 views

CVE-2019-5786

Object lifetime issue in Blink in Google Chrome prior to 72.0.3626.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page...

6.4AI score0.61537EPSS
Exploits10References2
Debian CVE
Debian CVE
added 2019/06/27 4:13 p.m.44 views

CVE-2019-5807

Object lifetime issue in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS9.1AI score0.01402EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2019/06/27 4:13 p.m.53 views

CVE-2019-5786

Object lifetime issue in Blink in Google Chrome prior to 72.0.3626.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page...

6.5CVSS6.5AI score0.61537EPSS
Exploits10
Debian CVE
Debian CVE
added 2019/06/27 4:13 p.m.51 views

CVE-2018-17479

Removed by vendor...

8.8CVSS9.3AI score0.00895EPSS
Exploits0
Exploit DB
Exploit DB
added 2019/05/23 12:0 a.m.283 views

Visual Voicemail for iPhone - IMAP NAMESPACE Processing Use-After-Free

Visual Voicemail VVM is a feature of mobile devices that allows voicemail to be read in an email-like format. Carriers set up a Visual Voicemail server that supports IMAP, and the device queries this server for new email. Visual Voicemail is configured over SMS, and carriers inform devices of the...

7.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2019/04/25 8:20 a.m.34 views

CVE-2019-5807

Object lifetime issue in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS3AI score0.01402EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2019/03/04 2:49 p.m.48 views

CVE-2019-5786

Object lifetime issue in Blink in Google Chrome prior to 72.0.3626.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page...

8.8CVSS3.8AI score0.61537EPSS
Exploits10References3
0day.today
0day.today
added 2019/03/02 12:0 a.m.74 views

Google Chrome < M72 - PaymentRequest Service Use-After-Free Exploit

Google Chrome M72 - PaymentRequest Service Use-After-Free Exploit There are several object-lifetime issues in the browser process in the implementation of payments.mojom.PaymentRequest. The PaymentRequest object contains a std::uniqueptr to a PaymentRequestSpec, which is initialised during the ca...

0.3AI score
Exploits0
0day.today
0day.today
added 2019/03/02 12:0 a.m.62 views

Google Chrome < M72 - Use-After-Free in RenderProcessHostImpl Binding for P2PSocketDispatcherHost

Google Chrome M72 - Use-After-Free in RenderProcessHostImpl Binding for P2PSocketDispatcherHost There's an object-lifetime issue in the browser process in the handling of P2PSocketDispatcherHost binding in parallel with OnBloatedRenderer event handling. In RenderProcessHostImpl, we have a uniquep...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2019/03/01 12:0 a.m.33 views

Google Chrome M72 - RenderFrameHostImpl::CreateMediaStreamDispatcherHost Use-After-Free

Google Chrome M72 - RenderFrameHostImpl::CreateMediaStreamDispatcherHost Use-After-Free There's a race-condition / object-lifetime issue in the browser process when the browser process shutdown races against the IO thread handling mojo messages from the renderer. It's at least possible to trigger...

0.1AI score
Exploits0
Rows per page
Query Builder