AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
![]() ![]() ![]() Use after free in Site isolation in Google Chrome prior to. 71 allowed an attacker who convinced a user to install a malicious extension to to potentially allow extension to escape the sandbox via a crafted HTML page. Inappropriate implementation in DevTools in Google Chrome prior to. 45 allowed a remote attacker who had compromised a WebUI renderer process to potentially perform a sandbox escape via a crafted HTML page. Heap buffer overflow in fingerprint recognition in Google Chrome on ChromeOS prior to. 54 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Heap buffer overflow in Skia in Google Chrome prior to. ![]() Exploitation of this issue does not require user interaction and could result in arbitrary code execution. Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2.Īdobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability during the checkout process. If the server connects with a malicious client, crafted client requests can remotely trigger this vulnerability. The rad_packet_recv function in radius/packet.c suffers from a memcpy buffer overflow, resulting in an overly-large recvfrom into a fixed buffer that causes a buffer overflow and overwrites arbitrary memory. ![]() If the client connects to the server and sends a large radius packet, a buffer overflow vulnerability will be triggered. This vulnerability affects Firefox val.integer without any bound checks. The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame. ![]()
0 Comments
Read More
Leave a Reply. |