Microsoft Edge Chakra JIT - Stack-to-Heap Copy (Incomplete Fix 2) Exploit

Exploit for windows platform in category dos / poc / Here's a snippet of JavascriptArray::BoxStackInstance. template T JavascriptArray::BoxStackInstanceT instance, bool deepCopy AssertThreadContext::IsOnStackinstance; // On the stack, the we reserved a pointer before the object as to store the...

kernel security update

3.10.0-693.11.6.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-693.11.6 - x86 specctrl: Eliminate redundant FEATURE Not Present messages Andrea...

Linux ARM / ARM64 - perf_event_open() Arbitrary Memory Read

Exploit for linux platform in category dos / poc perfeventopen offers to collect various pieces of information when an event occurs, including a user stack backtrace PERFSAMPLECALLCHAIN. To collect a user stack backtrace, the kernel grabs the userland register state if the event occured in...

SUSE SLES11 Security Update : samba (SUSE-SU-2016:0905-1)

"This update for samba fixes the following issues : Security issue fixed : - CVE-2015-7560: Getting and setting Windows ACLs on symlinks can change permissions on link target; bso11648 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...