Lucene search
K

553 matches found

Circl
Circl
added 2023/01/11 12:42 a.m.13 views

CVE-2023-21776

creationtimestamp| type| source ---|---|--- 2023-01-11 00:42:05+00:00| seen| https://t.me/cibsecurity/56312 2024-04-18 16:45:00+00:00| seen| https://googleprojectzero.blogspot.com/2024/04/the-windows-registry-adventure-1.html...

5.5CVSS6.6AI score0.01012EPSS
Exploits0References2
OSV
OSV
added 2022/11/29 11:55 p.m.24 views

GHSA-J2JP-WVQG-WC2G crewjam/saml vulnerable to signature bypass via multiple Assertion elements due to improper authentication

Impact The crewjam/saml go library is vulnerable to an authentication bypass when processing SAML responses containing multiple Assertion elements. Patches This issue has been corrected in version 0.4.9. Credit This issue was reported by Felix Wilhelm from Google Project Zero...

9.1CVSS7.9AI score0.02179EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2022/11/29 11:55 p.m.39 views

crewjam/saml vulnerable to signature bypass via multiple Assertion elements due to improper authentication

Impact The crewjam/saml go library is vulnerable to an authentication bypass when processing SAML responses containing multiple Assertion elements. Patches This issue has been corrected in version 0.4.9. Credit This issue was reported by Felix Wilhelm from Google Project Zero...

9.8CVSS9.2AI score0.02179EPSS
Exploits0References8Affected Software1
The Hacker News
The Hacker News
added 2022/11/24 11:17 a.m.51 views

Millions of Android Devices Still Don't Have Patches for Mali GPU Flaws

A set of five medium-severity security flaws in Arm's Mali GPU driver has continued to remain unpatched on Android devices for months, despite fixes released by the chipmaker. Google Project Zero, which discovered and reported the bugs, said Arm addressed the shortcomings in July and August 2022...

6.5CVSS0.3AI score0.00908EPSS
Exploits1
Circl
Circl
added 2022/11/22 9:5 p.m.11 views

CVE-2022-36449

creationtimestamp| type| source ---|---|--- 2022-11-22 21:05:00+00:00| seen| https://googleprojectzero.blogspot.com/2022/11/mind-the-gap.html 2022-11-24 12:08:24+00:00| published-proof-of-concept| https://t.me/truesecator/3742 2023-06-12 00:58:47+00:00| published-proof-of-concept|...

6.5CVSS6.6AI score0.00908EPSS
Exploits1References3
GoogleProjectZero
GoogleProjectZero
added 2022/11/04 12:0 a.m.70 views

A Very Powerful Clipboard: Analysis of a Samsung in-the-wild exploit chain

Posted by Maddie Stone, Project Zero Note: The three vulnerabilities discussed in this blog were all fixed in Samsung’s March 2021 release. They were fixed as CVE-2021-25337, CVE-2021-25369, CVE-2021-25370. To ensure your Samsung device is up-to-date under settings you can check that your device ...

7.8CVSS7.5AI score0.72105EPSS
Exploits28
GithubExploit
GithubExploit
added 2022/11/02 6:38 p.m.231 views

Exploit for CVE-2022-33679

CVE-2022-33679 One day based on https://googleproject...

8.1CVSS6.4AI score0.0855EPSS
Exploits6
GithubExploit
GithubExploit
added 2022/11/02 6:38 p.m.541 views

Exploit for CVE-2022-33079

CVE-2022-33679 One day based on https://googleproject...

8.1CVSS7.4AI score0.0855EPSS
Exploits6
Circl
Circl
added 2022/10/26 7:0 a.m.11 views

CVE-2022-33647

creationtimestamp| type| source ---|---|--- 2022-10-26 07:00:06+00:00| published-proof-of-concept| https://t.me/TopCyberTechNews/189 2022-10-27 19:48:00+00:00| seen| https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html 2022-10-31 19:01:56+00:00| seen|...

8.1CVSS8.2AI score0.01718EPSS
Exploits1References3
Circl
Circl
added 2022/10/10 2:23 a.m.5 views

CVE-2022-42703

creationtimestamp| type| source ---|---|--- 2022-10-10 02:23:31+00:00| seen| https://t.me/cibsecurity/51054 2022-12-08 19:04:00+00:00| seen| https://googleprojectzero.blogspot.com/2022/12/exploiting-CVE-2022-42703-bringing-back-the-stack-attack.html 2022-12-08 20:20:35+00:00| seen|...

5.5CVSS6.6AI score0.00971EPSS
Exploits3References18
Circl
Circl
added 2022/09/26 8:23 p.m.6 views

CVE-2022-3038

creationtimestamp| type| source ---|---|--- 2022-09-26 20:23:01+00:00| seen| https://t.me/cibsecurity/50511 2023-03-30 18:17:31+00:00| seen| https://t.me/truesecator/4237 2023-06-14 21:10:04+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2023-09-19 16:01:00+00:00| seen|...

8.8CVSS7.5AI score0.24738EPSS
Exploits1References7
NCSC
NCSC
added 2022/08/24 12:0 a.m.3 views

Vulnerability fixed in Xpdf and Xpdfreader

A vulnerability has been fixed in Xpdf and Xpdfreader. A malicious party can exploit the vulnerabilities to cause a Denial-of-Service or to execute arbitrary code in the scope of the application. Google's Project Zero published a comprehensive analysis in December 2021 published about a zero-clic...

7.8CVSS7.4AI score0.00314EPSS
Exploits0
Circl
Circl
added 2022/08/03 2:18 a.m.14 views

CVE-2022-33917

creationtimestamp| type| source ---|---|--- 2022-08-03 02:18:11+00:00| seen| https://t.me/cibsecurity/47453 2022-11-22 21:05:00+00:00| seen| https://googleprojectzero.blogspot.com/2022/11/mind-the-gap.html 2022-11-23 11:03:00+00:00| published-proof-of-concept|...

5.5CVSS6.2AI score0.0041EPSS
Exploits0References7
Circl
Circl
added 2022/07/19 10:40 p.m.11 views

CVE-2022-34169

creationtimestamp| type| source ---|---|--- 2022-07-19 22:40:50+00:00| seen| https://t.me/cibsecurity/46575 2022-08-15 09:47:35+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/2946 2022-11-02 11:41:00+00:00| seen|...

7.5CVSS6.8AI score0.17673EPSS
Exploits2References6
The Hacker News
The Hacker News
added 2022/07/05 2:55 a.m.476 views

Update Google Chrome Browser to Patch New Zero-Day Exploit Detected in the Wild

Google on Monday shipped security updates to address a high-severity zero-day vulnerability in its Chrome web browser that it said is being exploited in the wild. The shortcoming, tracked as CVE-2022-2294, relates to a heap overflow flaw in the WebRTC component that provides real-time audio and...

8.8CVSS0.8AI score0.70461EPSS
Exploits3
The Hacker News
The Hacker News
added 2022/06/20 10:10 a.m.75 views

Google Researchers Detail 5-Year-Old Apple Safari Vulnerability Exploited in the Wild

A security flaw in Apple Safari that was exploited in the wild earlier this year was originally fixed in 2013 and reintroduced in December 2016, according to a new report from Google Project Zero. The issue, tracked as CVE-2022-22620 CVSS score: 8.8, concerns a case of a use-after-free...

8.8CVSS1.8AI score0.16342EPSS
Exploits0
GoogleProjectZero
GoogleProjectZero
added 2022/06/14 12:0 a.m.105 views

An Autopsy on a Zombie In-the-Wild 0-day

Posted by Maddie Stone, Google Project Zero Whenever there’s a new in-the-wild 0-day disclosed, I’m very interested in understanding the root cause of the bug. This allows us to then understand if it was fully fixed, look for variants, and brainstorm new mitigations. This blog is the story of a...

8.8CVSS8.2AI score0.16342EPSS
Exploits0
The Hacker News
The Hacker News
added 2022/04/20 2:1 p.m.32 views

Google Project Zero Detects a Record Number of Zero-Day Exploits in 2021

Google Project Zero called 2021 a "record year for in-the-wild 0-days," as 58 security vulnerabilities were detected and disclosed during the course of the year. The development marks more than a two-fold jump from the previous maximum when 28 0-day exploits were tracked in 2015. In contrast, onl...

8.2AI score
Exploits0
GoogleProjectZero
GoogleProjectZero
added 2022/04/19 12:0 a.m.415 views

The More You Know, The More You Know You Don’t Know

A Year in Review of 0-days Used In-the-Wild in 2021 Posted by Maddie Stone, Google Project Zero This is our third annual year in review of 0-days exploited in-the-wild 2020, 2019. Each year we’ve looked back at all of the detected and disclosed in-the-wild 0-days as a group and synthesized what w...

10CVSS9.7AI score0.99999EPSS
Exploits383
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2022/04/04 12:0 a.m.211 views

Stable Channel Update for Desktop

The Stable channel has been updated to 100.0.4896.75 for Windows, Mac and Linux which will roll out over the coming days/weeks. The Extended Stable channel has been updated to 100.0.4896.75 for Windows and Mac which will roll out over the coming days/weeks. Security Fixes and Rewards Note: Access...

8.8CVSS8AI score0.16488EPSS
Exploits2Affected Software1
Rows per page
Query Builder