Browser Security

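V8 Vulnerability Exploited in the Game DOTA2

When we think of V8 vulnerabilities, the first thing that comes to mind is probably complex browser zero-day exploit chains. While browsers may be V8's most popular attack target, beyond browsers this open-source JavaScript engine is also embedded...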

Issue 2373: Arm Mali CSF: kbase_kcpu_command_queue UAF in kbase_csf_kcpu_queue_enqueue()

Tested version VX504X08X-SW-99002-r40p0-01eac0. Tested using CONFIG_MALI_NO_MALI on X86-64. kbase_csf_kcpu_queue_enqueue() locks the kctx->csf....

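Chrome v8 Issue 1307610: Vulnerability and Exploitation Analysis

This is a featured article from the Kanxue (看雪) forum. Kanxue forum author ID: 苏啊树. Environment: Ubuntu 18.04, GDB, V8 9.9.115. Because of when I started working with v8, most of the v8 vulnerabilities I am familiar with are in the Turbofan and IC modules, ...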

Dota 2 Under Attack: How a V8 Bug Was Exploited in the Game

When we think about V8 exploits, the first things that come to mind are probably related to sophisticated browser zero-day exploit chains. While th...

1377816: Security: WebAssembly UAF in catch block with stale memory start pointer

VULNERABILITY DETAILS WebAssembly memory start and size are stored as wasm instance fields. The WasmGraphBuilder caches the corresponding TurboFan...

CVE-2022-4135: Chrome heap buffer overflow in validating command decoder

The Basics Disclosure or Patch Date: 24 November 2022 Product: Google Chrome Advisory: https://chromereleases.googleblog.com/2022/11/stable-chann...

CVE-2022-34689 - CryptoAPI spoofing vulnerability

CVE-2022-34689 - CryptoAPI spoofing vulnerability This is the git repository for our research into CVE-2022-34689. For more information about the v...

2381 - Chrome: Copy-on-write check bypass in JSNativeContextSpecialization::BuildElementAccess - project-zero

ecialization::BuildElementAccess( Node* receiver, Node* index, Node* value, Node* effect, Node* control, Node* context, ElementAccessInfo const&a...

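Analysis of a Firefox In-the-Wild 0-day

RCE part: In the renderer process, a JS script exploits a UAF vulnerability in XSL object parsing to execute remote shellcode. Vulnerability principle: The exploit first defines some XML containing multiple XSL objects. It then calls tran...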

Chrome Browser Exploitation, Part 3: Analyzing and Exploiting CVE-2018-17463

Welcome to the third and final installment of the “Chrome Browser Exploitation” series. The main objective of this series has been to provide an in...