553 matches found
CVE-2023-35386
creationtimestamp| type| source ---|---|--- 2023-08-08 22:14:26+00:00| seen| https://t.me/cibsecurity/68028 2024-04-18 16:45:00+00:00| seen| https://googleprojectzero.blogspot.com/2024/04/the-windows-registry-adventure-1.html 2024-12-19 18:03:00+00:00| seen|...
Summary: MTE As Implemented
By Mark Brand, Project Zero In mid-2022, Project Zero was provided with access to pre-production hardware implementing the ARM MTE specification. This blog post series is based on that review, and includes general conclusions about the effectiveness of MTE as implemented, specifically in the...
chromium -- multiple vulnerabilities
Chrome Releases reports: This update includes 17 security fixes: 1466183 High CVE-2023-4068: Type Confusion in V8. Reported by Jerry on 2023-07-20 1465326 High CVE-2023-4069: Type Confusion in V8. Reported by Man Yue Mo of GitHub Security Lab on 2023-07-17 1462951 High CVE-2023-4070: Type Confusi...
CISA Flags 8 Actively Exploited Flaws in Samsung and D-Link Devices
The U.S. Cybersecurity and Infrastructure Security Agency CISA has placed a set of eight flaws to the Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. This includes six shortcomings affecting Samsung smartphones and two vulnerabilities impacting D-Link device...
Chrome Internal JavaScript Object Access Via Origin Trials
Chrome: Internal JavaScript object access via Origin Trials VULNERABILITY DETAILS 1. JSObject::DefineAccessor doesn't ensure that the receiver object is in a valid state before creating an accessor property. This allows callers to extend non-extensible objects and reconfigure non-configurable...
CVE-2023-32019
creationtimestamp| type| source ---|---|--- 2023-06-14 21:59:40+00:00| seen| https://t.me/BleepingComputer/17022 2023-06-14 23:56:21+00:00| seen| https://t.me/ctinow/118189 2023-06-15 00:44:02+00:00| seen| https://t.me/BleepingComputer/17026 2023-06-15 02:56:44+00:00| seen|...
chromium -- multiple vulnerabilities
Chrome Releases reports: This update includes 5 security fixes: 1450568 Critical CVE-2023-3214: Use after free in Autofill payments. Reported by Rong Jian of VRI on 2023-06-01 1446274 High CVE-2023-3215: Use after free in WebRTC. Reported by asnine on 2023-05-17 1450114 High CVE-2023-3216: Type...
CVE-2023-32409
creationtimestamp| type| source ---|---|--- 2023-05-19 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1028 2023-05-19 05:53:22+00:00| seen| https://t.me/thehackernews/3375 2023-05-19 06:56:21+00:00| exploited| Telegram/bE4151glB1jnVQjCfNZOuDShQFmqf3gXfesctExmF41Tw...
CVE-2023-28248
creationtimestamp| type| source ---|---|--- 2023-05-17 11:02:33+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/8312 2024-04-18 16:45:00+00:00| seen| https://googleprojectzero.blogspot.com/2024/04/the-windows-registry-adventure-1.html 2024-12-19 18:03:00+00:00| seen|...
CVE-2023-23423
creationtimestamp| type| source ---|---|--- 2023-04-13 18:02:40+00:00| published-proof-of-concept| Telegram/gyCoGHimPrHuJIO4PODdzGa-SbQUX3r8l5z0rakuXLR 2023-04-18 07:16:18+00:00| published-proof-of-concept| https://t.me/RespaldoHackingTeam/1337 2023-04-18 12:11:38+00:00| seen|...
CVE-2023-28205
creationtimestamp| type| source ---|---|--- 2023-04-10 09:02:28+00:00| exploited| https://t.me/itsecnews/2430 2023-04-10 12:29:34+00:00| exploited| https://t.me/truesecator/4268 2023-04-10 20:57:52+00:00| published-proof-of-concept| https://t.me/kasperskyb2b/565 2023-04-10 22:22:59+00:00|...
Google reveals 18 chip vulnerabilities threatening mobile, wearables, vehicles
Googles Project Zero is warning of multiple significant vulnerabilities found across many models of mobile devices including Samsung Galaxy, Google Pixel, Vivo, and several forms of wearable and vehicles using certain types of components. Between late 2022 and early 2023, Project Zero reported 18...
Google Uncovers 18 Severe Security Vulnerabilities in Samsung Exynos Chips
Google is calling attention to a set of severe security flaws in Samsung's Exynos chips, some of which could be exploited remotely to completely compromise a phone without requiring any user interaction. The 18 zero-day vulnerabilities affect a wide range of Android smartphones from Samsung, Vivo...
CVE-2023-26496
creationtimestamp| type| source ---|---|--- 2023-03-16 18:07:00+00:00| seen| https://googleprojectzero.blogspot.com/2023/03/multiple-internet-to-baseband-remote-rce.html...
Multiple Internet to Baseband Remote Code Execution Vulnerabilities in Exynos Modems
Posted by Tim Willis, Project Zero In late 2022 and early 2023, Project Zero reported eighteen 0-day vulnerabilities in Exynos Modems produced by Samsung Semiconductor. The four most severe of these eighteen vulnerabilities CVE-2023-24033, CVE-2023-26496, CVE-2023-26497 and CVE-2023-26498 allowed...
CVE-2023-23421
creationtimestamp| type| source ---|---|--- 2023-03-14 19:23:18+00:00| seen| https://t.me/cibsecurity/59983 2023-04-13 18:02:40+00:00| published-proof-of-concept| Telegram/gyCoGHimPrHuJIO4PODdzGa-SbQUX3r8l5z0rakuXLR 2023-04-18 07:16:18+00:00| published-proof-of-concept|...
CVE-2023-26076
creationtimestamp| type| source ---|---|--- 2023-03-13 17:23:33+00:00| seen| https://t.me/cibsecurity/59905 2023-03-16 18:07:00+00:00| seen| https://googleprojectzero.blogspot.com/2023/03/multiple-internet-to-baseband-remote-rce.html 2023-03-20 14:22:52+00:00| published-proof-of-concept|...
CVE-2023-26072
creationtimestamp| type| source ---|---|--- 2023-03-13 15:53:20+00:00| seen| https://t.me/cibsecurity/59886 2023-03-16 18:07:00+00:00| seen| https://googleprojectzero.blogspot.com/2023/03/multiple-internet-to-baseband-remote-rce.html 2023-03-16 22:39:30+00:00| published-proof-of-concept|...
CVE-2023-26074
creationtimestamp| type| source ---|---|--- 2023-03-13 15:53:17+00:00| seen| https://t.me/cibsecurity/59883 2023-03-16 18:07:00+00:00| seen| https://googleprojectzero.blogspot.com/2023/03/multiple-internet-to-baseband-remote-rce.html 2023-03-16 22:39:30+00:00| published-proof-of-concept|...
CVE-2022-42855
creationtimestamp| type| source ---|---|--- 2023-01-12 16:59:00+00:00| seen| https://googleprojectzero.blogspot.com/2023/01/der-entitlements-brief-return-of.html 2023-01-15 14:05:51+00:00| published-proof-of-concept| https://t.me/crackcodes/2275 2023-01-15 14:33:26+00:00|...