This article discusses the CVE-2021-40444 vulnerability and an alternative path that reduces the lines of JS code needed to trigger the issue and does not require CAB archives.
>> AUTHOR: deepcore
Apple Security Advisory 2021-09-13-1 – iOS 14.8 and iPadOS 14.8 addresses code execution, integer overflow, and use-after-free vulnerabilities.
Apple Security Advisory 2021-09-13-2 – watchOS 7.6.2 addresses code execution and integer overflow vulnerabilities.
Apple Security Advisory 2021-09-13-3 – macOS Big Sur 11.6 addresses code execution, integer overflow, and use-after-free vulnerabilities.
Apple Security Advisory 2021-09-13-4 – Security Update 2021-005 Catalina addresses code execution and integer overflow vulnerabilities.
Apple Security Advisory 2021-09-13-5 – Safari 14.1.2 addresses code execution and use-after-free vulnerabilities.
Yenkee Hornet Gaming Mouse – ‘GM312Fltr.sys’ Denial-Of-Service (PoC)
WebsiteBaker 2.13.0 – Remote Code Execution (RCE) (Authenticated)
Budget and Expense Tracker System 1.0 – Remote Code Execution (RCE) (Unauthenticated)