2017 November

WordPress Emag Marketplace Connector 1.0 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

WordPress Emag Marketplace Connector plugin version 1.0 suffers from a cross site scripting vulnerability.

Microsoft Windows CI CiSetFileCache TOCTOU Security Feature Bypass

Posted by deepcore under exploit (No Respond)

It is possible to add a cached signing level to an unsigned file by exploiting a TOCTOU in CI leading to circumvention of Device Guard policies and possibly PPL signing levels.

Microsoft Windows nt!NtQueryDirectoryFile (luafv!LuafvCopyDirectoryEntry) Disclosure

Posted by deepcore under exploit (No Respond)

It was discovered that the nt!NtQueryDirectoryFile system call discloses portions of uninitialized pool memory to user-mode clients on Windows 10, due to uninitialized fields in the output structure being copied to the application.

[dos] WebKit – 'WebCore::PositionIterator::decrement' Use-After-Free

Posted by deepcore under Security (No Respond)

WebKit – ‘WebCore::PositionIterator::decrement’ Use-After-Free

Tags: 0day, remote exploit

[dos] WebKit – 'WebCore::InputType::element' Use-After-Free

Posted by deepcore under Security (No Respond)

WebKit – ‘WebCore::InputType::element’ Use-After-Free

Tags: 0day, remote exploit

[dos] WebKit – 'WebCore::RenderText::localCaretRect' Out-of-Bounds Read

Posted by deepcore under Security (No Respond)

WebKit – ‘WebCore::RenderText::localCaretRect’ Out-of-Bounds Read

Tags: 0day, remote exploit

[dos] WebKit – 'WebCore::AXObjectCache::performDeferredCacheUpdate' Use-After-Free

Posted by deepcore under Security (No Respond)

WebKit – ‘WebCore::AXObjectCache::performDeferredCacheUpdate’ Use-After-Free

Tags: 0day, remote exploit

[dos] WebKit – 'WebCore::SimpleLineLayout::RunResolver::runForPoint' Out-of-Bounds Read

Posted by deepcore under Security (No Respond)

WebKit – ‘WebCore::SimpleLineLayout::RunResolver::runForPoint’ Out-of-Bounds Read

Tags: 0day, remote exploit

[dos] WebKit – 'WebCore::Style::TreeResolver::styleForElement' Use-After-Free

Posted by deepcore under Security (No Respond)

WebKit – ‘WebCore::Style::TreeResolver::styleForElement’ Use-After-Free

Tags: 0day, remote exploit

[dos] WebKit – 'WebCore::SVGPatternElement::collectPatternAttributes' Out-of-Bounds Read

Posted by deepcore under Security (No Respond)

WebKit – ‘WebCore::SVGPatternElement::collectPatternAttributes’ Out-of-Bounds Read

Tags: 0day, remote exploit

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

WordPress Emag Marketplace Connector 1.0 Cross Site Scripting

Microsoft Windows CI CiSetFileCache TOCTOU Security Feature Bypass

Microsoft Windows nt!NtQueryDirectoryFile (luafv!LuafvCopyDirectoryEntry) Disclosure

[dos] WebKit – 'WebCore::PositionIterator::decrement' Use-After-Free

[dos] WebKit – 'WebCore::InputType::element' Use-After-Free

[dos] WebKit – 'WebCore::RenderText::localCaretRect' Out-of-Bounds Read

[dos] WebKit – 'WebCore::AXObjectCache::performDeferredCacheUpdate' Use-After-Free

[dos] WebKit – 'WebCore::SimpleLineLayout::RunResolver::runForPoint' Out-of-Bounds Read

[dos] WebKit – 'WebCore::Style::TreeResolver::styleForElement' Use-After-Free

[dos] WebKit – 'WebCore::SVGPatternElement::collectPatternAttributes' Out-of-Bounds Read

Tabs Switcher

Categories

Archives

Meta

BLOGROLL