The enlightened lockdown policy check for COM Class instantiation can be bypassed in Scriptlet hosts, leading to arbitrary code execution on a system with UMCI enabled (e.g. Device Guard).
The Microsoft Windows kernel pool address is leaked via an undocumented GetFontData feature in ATMFD.
The OpenType ATMFD.DLL kernel-mode font driver on Windows has an undocumented “escape” interface, handled by the standard DrvEscape and DrvFontManagement functions implemented by the module. The interface is very similar…
Microsoft Edge suffers from a memory corruption vulnerability in Object.setPrototypeOf.
Microsoft Edge Chakra suffers from a JIT-related type confusion vulnerability with switch statements.
Microsoft Edge Chakra suffers from a JIT-related incorrect integer overflow check in Lowerer::LowerBoundCheck.
Microsoft Edge Chakra suffers from a JIT issue where bailouts must be generated for OP_Memset.
D-Link DIR605L versions 2.08 and below suffer from a denial of service vulnerability via a simple HTTP GET.
WordPress Affiliate Ads for Clickbank Products plugin version 1.3 suffers from a cross-site scripting vulnerability.
WordPress AMP Toolbox plugin version 1.9.4 suffers from a cross-site scripting vulnerability.