>> ARCHIVE: 2015-12

The Dell Pre-Boot Authentication Driver (PBADRV.sys) contains a vulnerability that can be leveraged to enable an attacker to write arbitrary code. The ‘OutputAddress’ from the IOCTL call is not validated…

The Vulnerability Laboratory Research Team discovered a persistent input validation web vulnerability in the official DELL Scrutinizer v12.0.3 Software.

The Vulnerability Laboratory Research Team discovered an application-side input validation web vulnerability in the official Lithium Forum online service web-application.

Samsung Galaxy S6 suffers from a bitmap decoding crash in Samsung Gallery.

Samsung Galaxy S6 suffers from a gif parsing crash in Samsung Gallery.

This proof of concept exploit triggers a crash on Windows 7 32-bit with Special Pool enabled on win32k.sys. The kernel crashes due to a use-after-free condition with bitmaps in the…

This proof of concept exploit triggers a null pointer condition on Windows 7 32-bit, which can potentially be exploited on versions of Windows that allow mapping the null page (e.g….

This proof of concept exploit triggers a null pointer vulnerability in OffsetChildren on Windows 7 32-bit. By mapping the null page an attacker can leverage this vulnerability to write to…

There are a number of use-after-free vulnerabilities in MovieClip.beginGradientFill. If the spreadMethod or any other string parameter is an object with toString defined, this method can free the MovieClip, which…