Lucene search
K

17 matches found

FreeBSD
FreeBSD
added 2023/11/07 12:0 a.m.34 views

chromium -- security update

Chrome Releases reports: This update includes 1 security fix: 1497859 High CVE-2023-5996: Use after free in WebAudio. Reported by Huang Xilin of Ant Group Light-Year Security Lab via Tianfu Cup 2023 on 2023-10-30...

8.8CVSS7.5AI score0.01976EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/09/11 1:50 p.m.34 views

CVE-2019-16471 Use-After-Free in app.measureDialog - Tianfu Cup

Adobe Acrobat Reader versions 2019.021.20056 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS8.8AI score0.0032EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/09/11 1:50 p.m.24 views

CVE-2019-16470 CoolType.dll crash - Tianfu Cup

Adobe Acrobat Reader versions 2019.021.20056 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS8.8AI score0.00461EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2021/12/14 11:10 p.m.53 views

Apple iOS Update Fixes Cringey iPhone 13 Jailbreak Exploit

As if the Log4Shell hellscape wasn’t already driving everybody starkers, it’s time to update iOS 15.2 and a crop of other Apple iGadgets, lest your iPhone get taken over by a malicious app that executes arbitrary code with kernel privileges. To paraphrase one mobile security expert, the iOS 15.2...

9.3CVSS8.6AI score0.18024EPSS
Exploits6References22
The Hacker News
The Hacker News
added 2021/12/14 6:10 a.m.88 views

Latest Apple iOS Update Patches Remote Jailbreak Exploit for iPhones

Apple on Monday released updates to iOS, macOS, tvOS, and watchOS with security patches for multiple vulnerabilities, including a remote jailbreak exploit chain as well as a number of critical issues in the Kernel and Safari web browser that were first demonstrated at the Tianfu Cup held in China...

9.3CVSS1.4AI score0.18024EPSS
Exploits7
The Hacker News
The Hacker News
added 2021/11/10 6:24 a.m.216 views

Microsoft Issues Patches for Actively Exploited Excel, Exchange Server 0-Day Bugs

Microsoft has released security updates as part of its monthly Patch Tuesday release cycle to address 55 vulnerabilities across Windows, Azure, Visual Studio, Windows Hyper-V, and Office, including fixes for two actively exploited zero-day flaws in Excel and Exchange Server that could be abused t...

9.8CVSS9.8AI score0.90388EPSS
Exploits11
ThreatPost
ThreatPost
added 2021/11/09 9:41 p.m.92 views

Microsoft Nov. Patch Tuesday Fixes Six Zero-Days, 55 Bugs

Microsoft reported a total of 55 vulnerabilities, six of which are rated critical, with the remaining 49 being rated important. The flaws are found in Microsoft Windows and Windows Components, Azure, Azure RTOS, Azure Sphere, Microsoft Dynamics, Microsoft Edge Chromium-based, Exchange Server,...

9.8CVSS9.2AI score0.99999EPSS
Exploits75References20
The Hacker News
The Hacker News
added 2021/10/29 4:8 a.m.126 views

Google Releases Urgent Chrome Update to Patch 2 Actively Exploited 0-Day Bugs

Google on Thursday rolled out an emergency update for its Chrome web browser, including fixes for two zero-day vulnerabilities that it says are being actively exploited in the wild. Tracked as CVE-2021-38000 and CVE-2021-38003, the weaknesses relate to insufficient validation of untrusted input i...

9.6CVSS1.7AI score0.70435EPSS
Exploits16
HackRead
HackRead
added 2021/10/18 4:1 p.m.20 views

iPhone 13 Pro, Windows, Chrome, Linux and others pwned at Tianfu Cup

By Waqas Tianfu Cup is the Chinese version of the Pwn2own in Kunlun Lab managed to secure first place by hacking iPhone 13. This is a post from HackRead.com Read the original post: iPhone 13 Pro, Windows, Chrome, Linux and others pwned at Tianfu Cup...

2.8AI score
Exploits0
The Hacker News
The Hacker News
added 2021/10/18 5:53 a.m.23 views

Windows 10, Linux, iOS, Chrome and Many Others at Hacked Tianfu Cup 2021

Windows 10, iOS 15, Google Chrome, Apple Safari, Microsoft Exchange Server, and Ubuntu 20 were successfully broken into using original, never-before-seen exploits at the Tianfu Cup 2021, the fourth edition of the international cybersecurity contest held in the city of Chengdu, China. Targets this...

1.9AI score
Exploits0
ThreatPost
ThreatPost
added 2020/11/20 8:18 p.m.86 views

VMware Fixes Critical Flaw in ESXi Hypervisor

VMware has hurried out fixes for a critical flaw in its ESXi hypervisor, a few weeks after it was found during China’s Tianfu Cup hacking competition. The use-after-free vulnerability CVE-2020-4004 has a CVSS score of 9.3 out of 10, making it critical. It exists in the eXtensible Host Controller...

1.4AI score0.00392EPSS
Exploits0References7
HackRead
HackRead
added 2020/11/09 7:0 p.m.18 views

Tianfu Cup 2020: Hackers pwn Windows, iPhone, Chrome for big bucks

By Sudais Asif In total, ethical hackers earned $1.2 million in the bug bounty competition. This is a post from HackRead.com Read the original post: Tianfu Cup 2020: Hackers pwn Windows, iPhone, Chrome for big bucks...

3.2AI score
Exploits0
The Hacker News
The Hacker News
added 2020/11/09 7:59 a.m.3 views

Windows 10, iOS, Chrome, Firefox and Others Hacked at Tianfu Cup Competition

Multiple software products from Adobe, Apple, Google, Microsoft, Mozilla, and Samsung were successfully pwned with previously unseen exploits in Tianfu Cup 2020, the third edition of the international cybersecurity contest held in the city of Chengdu, China. "Many mature and hard targets have bee...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2020/11/09 7:59 a.m.168 views

Windows 10, iOS, Chrome, Firefox and Others Hacked at Tianfu Cup Competition

Multiple software products from Adobe, Apple, Google, Microsoft, Mozilla, and Samsung were successfully pwned with previously unseen exploits in Tianfu Cup 2020, the third edition of the international cybersecurity contest held in the city of Chengdu, China. "Many mature and hard targets have bee...

1.6AI score
Exploits0
ThreatPost
ThreatPost
added 2019/11/18 12:18 p.m.87 views

Tianfu Cup Round-Up: Safari, Chrome, D-Link Routers and Office 365 Successfully Hacked

Hackers over the weekend successfully compromised widely used software and hardware–including browsers Safari and Chrome, D-Link routers and the Office 365 suite–using zero-day vulnerabilities at the annual Tianfu Cup gathering. The hacking competition, held in Chengdu, China, is very similar to...

0.1AI score
Exploits0References21
GoogleProjectZero
GoogleProjectZero
added 2019/08/29 12:0 a.m.193 views

In-the-wild iOS Exploit Chain 5

Posted by Ian Beer, Project Zero TL;DR This exploit chain is a three way collision between this attacker group, Brandon Azad from Project Zero, and @S0rryMybad from 360 security. On November 17th 2018, @S0rryMybad used this vulnerability to win $200,000 USD at the TianFu Cup PWN competition...

7.8CVSS7.8AI score0.28548EPSS
Exploits4
VMware
VMware
added 2018/11/20 12:0 a.m.201 views

VMSA-2018-0030:VMware Workstation and Fusion updates address an integer overfLOW issue.

VMSA-2018-0030 VMware Workstation and Fusion updates address an integer overflow issue. VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2018-0030 VMware Security Advisory Severity: Critical VMware Security Advisory Synopsis: VMware Workstation and Fusion updates address an...

8.8CVSS9.2AI score0.00452EPSS
Exploits0References14Affected Software2
Rows per page
Query Builder