24 matches found
CVE-2021-27043
An Arbitrary Address Write issue in the Autodesk DWG application can allow a malicious user to leverage the application to write in unexpected paths. In order to exploit this the attacker would need the victim to enable full page heap in the application...
EUVD-2021-13814
Malware in sbrugna...
CVE-2023-1388
A heap-based overflow vulnerability in TA prior to version 5.7.9 allows a remote user to alter the page heap in the macmnsvc process memory block, resulting in the service becoming unavailable...
CVE-2023-0977
A heap-based overflow vulnerability in Trellix Agent Windows and Linux version 5.7.8 and earlier, allows a remote user to alter the page heap in the macmnsvc process memory block resulting in the service becoming unavailable...
Heap overflow
A heap-based overflow vulnerability in Trellix Agent Windows and Linux version 5.7.8 and earlier, allows a remote user to alter the page heap in the macmnsvc process memory block resulting in the service becoming unavailable...
Trellix Agent Buffer Error Vulnerability
Trellix Agent is a client component of FireEye USA Trellix, Inc. that provides secure communication between McAfee ePolicy Orchestrator (McAfee ePO) and hosted products. A security vulnerability exists in Trellix Agent Windows and Linux version 5.7.8 and earlier. An attacker can exploit the vulnerabilit...
Exploit for CVE-2022-26809
Cve-2022-26809 CVE-2022-26809 This repo just simply resear...
IE11: Use-after-free in Js::RegexHelper::RegexReplace(CVE-2018-0866)
There is a Use-after-free vulnerability in Internet Explorer that could potentially be used for memory disclosure. This was tested on IE11 running on Windows 7 64-bit with the latest patches applied. Note that the PoC was tested in a 64-bit tab process via TabProcGrowth=0 registry flag and the pag...
Microsoft IE11 Js::RegexHelper::RegexReplace Use-After-Free
IE11: Use-after-free in Js::RegexHelper::RegexReplace (CVE-2018-0866). There is a Use-after-free vulnerability in Internet Explorer that could potentially be used for memory disclosure. This was tested on IE11 running on Windows 7 64-bit with the latest patches applied. Note that the PoC was tested i...
Microsoft Internet Explorer 11 - 'Js::RegexHelper::RegexReplace' Use-After-Free
var vars = new Array2; function main vars0 = Array1000000.joinString.fromCharCode0x41; vars1 = String.prototype.substring.callvars0, 1, vars0.length; String.prototype.replace.callvars1, RegExp, f; function farg1, arg2, arg3 alertarg3; vars0 = 1; CollectGarbage; return 'a'; main; +0x122e5d:...
Microsoft Windows - jscript!NameTbl::GetValDef Use-After-Free
Microsoft Windows - jscript!NameTbl::GetValDef Use-After-Free var vars = new Array100; forvar i=0;i !-- ============================================ PoC for WPAD might require page heap to trigger the crash: ============================================ function...
Windows jscript!NameTbl::GetValDef Use-After-Free
Windows: use-after-free in jscript!NameTbl::GetValDef (CVE-2017-11903). There is a use-after-free vulnerability in jscript.dll. This issue could potentially be exploited through multiple vectors: - An attacker on the local network could exploit this issue by posing as a WPAD (Web Proxy Auto-Discovery...
Microsoft Edge COptionsCollectionCacheItem::GetAt Out-Of-Bounds Read
Microsoft Edge: out-of-bounds read in COptionsCollectionCacheItem::GetAt (CVE-2017-8734). There is an out-of-bounds read issue in Microsoft Edge that could potentially be turned into remote code execution. The vulnerability has been confirmed on Microsoft Edge 38.14393.1066.0 (Microsoft EdgeHTML...
Microsoft IE: textarea.defaultValue memory disclosure (CVE-2017-0059)
There is a use-after-free bug in IE which can lead to info leak / memory disclosure. The bug was confirmed on Internet Explorer version 11.0.9600.18537 update version 11.0.38 PoC: function run var textarea = document.getElementById"textarea"; var frame = document.createElement"iframe";...
Microsoft Internet Explorer 9 - MSHTML CPtsTextParaclient::CountApes Out-of-Bounds Read
Microsoft Internet Explorer 9 - MSHTML CPtsTextParaclient::CountApes Out-of-Bounds Read oElement1 position: absolute; oElement2:after position: relative; content: counterx; onload = function oElement1 = document.createElement'oElement1'; document.documentElement.appendChildoElement1; oElement2 =...
Avira - Heap Underflow Parsing PE Section Headers
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=765 One of the things you might expect an Antivirus engine to do reliably is parse PE files. However, after some simple testing with Avira, I found a heap underflow (that is, writing before a heap allocation) parsing section headers...
Avast! - Heap Overflow Unpacking MoleBox Archives
Avast! - Heap Overflow Unpacking MoleBox Archives Source: https://code.google.com/p/google-security-research/issues/detail?id=552 Trivial fuzzing of molebox archives revealed a heap overflow decrypting the packed image in moleboxMaybeUnpack. This vulnerability is obviously exploitable for remote...
Chrome ui::AXTree::Unserialize Use-After-Free Exploit
Chrome suffers from a ui::AXTree::Unserialize related use-after-free vulnerability. 1503A - Chrome - ui::AXTree::Unserialize use-after-free CVE-2015-1277 TL;DR After 60 day deadline has passed, I am releasing details on an unfixed use-after-free vulnerability in Chrome's accessibility features,...