152 matches found

Prion
added 2020/03/10 8:15 p.m., 18 views

Out-of-bounds

In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to stale pointer. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0...

CVSS 7.2, AI score 8.2, EPSS 0.00199
Exploits: 0, References: 1, Affected Software: 1
Cvelist
added 2020/03/10 7:55 p.m., 21 views

CVE-2020-0033

In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to stale pointer. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0...

AI score 8, EPSS 0.00199
Exploits: 0, References: 1
exploitpack
added 2019/05/21 12:0 a.m., 170 views

Apple macOS 10.14.5 iOS 12.3 XNU - in6_pcbdetach Stale Pointer Use-After-Free

Apple macOS 10.14.5 iOS 12.3 XNU - in6_pcbdetach Stale Pointer Use-After-Free Reproduction Repros on 10.14.3 when run as root. It may need multiple tries to trigger. $ clang -o in6selectsrc in6selectsrc.cc $ while 1; do sudo ./in6selectsrc; done res0: 3 res1: 0 res1.5: -1 // failure expected here...

CVSS 9.3, AI score 0.3, EPSS 0.17438
Exploits: 6
0day.today
added 2019/05/21 12:0 a.m., 258 views

macOS < 10.14.5 / iOS < 12.3 XNU - in6_pcbdetach Stale Pointer Use-After-Free Exploit

macOS soflags & SOFPCBCLEARING struct ipmoptions imo; struct ip6moptions im6o; inp-inpvflag = 0; if inp-in6poptions != NULL mfreeminp-in6poptions; inp-in6poptions = NULL; // in6poutputopts; // in6proute; // free IPv4 related resources in case of mapped addr if inp-inpoptions != NULL void...

CVSS 7.8, AI score 8.1, EPSS 0.17438
Exploits: 6
Packet Storm
added 2019/05/21 12:0 a.m., 210 views

XNU Stale Pointer Use-After-Free

XNU: Use-after-free due to stale pointer left by in6_pcbdetach Related CVE Numbers: CVE-2019-8605 Fixed-2019-May-13. Reproduction Repros on 10.14.3 when run as root. It may need multiple tries to trigger. $ clang -o in6selectsrc in6selectsrc.cc $ while 1; do sudo ./in6selectsrc; done res0: 3 res1: ...

AI score 0.1, EPSS 0.17438
Exploits: 6
Exploit DB
added 2019/05/21 12:0 a.m., 303 views

Apple macOS < 10.14.5 / iOS < 12.3 XNU - 'in6_pcbdetach' Stale Pointer Use-After-Free

Reproduction Repros on 10.14.3 when run as root. It may need multiple tries to trigger. $ clang -o in6selectsrc in6selectsrc.cc $ while 1; do sudo ./in6selectsrc; done res0: 3 res1: 0 res1.5: -1 // failure expected here res2: 0 done ... crash Explanation The following snippet is taken from...

CVSS 9.3, AI score 8, EPSS 0.17438
Exploits: 6
Exploit DB
added 2015/12/17 12:0 a.m., 17 views

Adobe Flash GradientFill - Use-After-Frees

Source: https://code.google.com/p/google-security-research/issues/detail?id=557 There are a number of use-after-free vulnerabilities in MovieClip.beginGradientFill. If the spreadMethod or any other string parameter is an object with toString defined, this method can free the MovieClip, which is...

AI score 7.4
Exploits: 0
Prion
added 2014/12/26 2:59 a.m., 18 views

Null pointer dereference

rendering/svg/RenderSVGResourceFilter.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted SVG document that leads to a "stale pointer."...

CVSS 7.5, AI score 7.7, EPSS 0.01081
Exploits: 0, References: 3, Affected Software: 1
NVD
added 2014/12/26 2:59 a.m., 19 views

CVE-2011-1793

rendering/svg/RenderSVGResourceFilter.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted SVG document that leads to a "stale pointer."...

CVSS 7.5, AI score 7.1, EPSS 0.01081
Exploits: 0, References: 3
UbuntuCve
added 2014/12/26 2:59 a.m., 28 views

CVE-2011-1793

rendering/svg/RenderSVGResourceFilter.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted SVG document that leads to a "stale pointer."...

CVSS 7.5, AI score 5.9, EPSS 0.01081
Exploits: 0, References: 4
securityvulns
added 2011/10/10 12:0 a.m., 28 views

VUPEN Security Research - Google Chrome WebKit Engine Child Tag Deletion Stale Pointer Vulnerability

VUPEN Security Research - Google Chrome WebKit Engine Child Tag Deletion Stale Pointer Vulnerability Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Google Chrome is a web browser developed by Google that uses the WebKit...

Exploits: 0
seebug.org
added 2011/10/09 12:0 a.m., 28 views

Google Chrome WebKit Engine Ruby Tag Stale Pointer

No description provided by source. VUPEN Security Research - Google Chrome WebKit Engine Ruby Tag Stale Pointer Vulnerability Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Google Chrome is a web browser developed by...

AI score 7.1
Exploits: 0
Tenable Nessus
added 2011/09/12 12:0 a.m., 50 views

Debian DSA-2307-1 : chromium-browser - several vulnerabilities

Several vulnerabilities were discovered in the Chromium browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2011-2818 Use-after-free vulnerability in Google Chrome allows remote attackers to cause a denial of service or possibly have unspecified oth...

CVSS 6.8, AI score 5.7, EPSS 0.01541
Exploits: 1, References: 8
Tenable Nessus
added 2011/08/04 12:0 a.m., 44 views

Google Chrome < 13.0.782.107 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is earlier than 13.0.782.107. As such, it is potentially affected by several vulnerabilities : - An unspecified error exists related to extension installation and confirmation dialogs. Issue 75821 - A stale pointer issue exists related to...

CVSS 6.8, AI score 7.5, EPSS 0.0161
Exploits: 1, References: 30
Cvelist
added 2011/08/03 12:0 a.m., 26 views

CVE-2011-2359

Google Chrome before 13.0.782.107 does not properly track line boxes during rendering, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."...

AI score 7, EPSS 0.01541
Exploits: 1, References: 12
Debian CVE
added 2011/08/03 12:0 a.m., 55 views

CVE-2011-2359

Removed by vendor...

CVSS 6.8, AI score 6.6, EPSS 0.01541
Exploits: 1
ThreatPost
added 2011/08/02 6:10 p.m., 31 views

Google Fixes 30 Bugs in Chrome, Pays $17K in Bounties

Google has fixed 30 bugs in version 13.0.782.107, the latest build of its Chrome browser, pushed to the stable channel for Windows, Mac and Linux today. 14 of the bugs are deemed high-risk, including cross-origin script injection, HTML range handling and URI handling issues. Nine of the bugs are...

CVSS 7.5, EPSS 0.0161
Exploits: 1, References: 34
Zero Day Initiative
added 2011/06/21 12:0 a.m., 34 views

Mozilla Firefox nsXULCommandDispatcher Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 7.5, AI score 4.4, EPSS 0.05572
Exploits: 0, References: 1
Tenable Nessus
added 2011/06/10 12:0 a.m., 48 views

Debian DSA-2245-1 : chromium-browser - several vulnerabilities

Several vulnerabilities were discovered in the Chromium browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2011-1292 Use-after-free vulnerability in the frame-loader implementation in Google Chrome allows remote attackers to cause a denial of servi...

CVSS 9.3, AI score 8, EPSS 0.04375
Exploits: 6, References: 14
UbuntuCve
added 2011/06/09 7:55 p.m., 27 views

CVE-2011-1813

Google Chrome before 12.0.742.91 does not properly implement the framework for extensions, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."...

CVSS 6.8, AI score 5.9, EPSS 0.01353
Exploits: 0, References: 2