|
2019-04-03
|
|
Google Chrome 73.0.3683.39 / Chromium 74.0.3712.0 - 'ReadableStream' Internal Object Leak Type Confu
|
6 |
DOS
|
Google Security Research
|
|
2019-04-03
|
|
Google Chrome 72.0.3626.81 - 'V8TrustedTypePolicyOptions::ToImpl' Type Confusion
|
7 |
DOS
|
Google Security Research
|
|
2019-04-03
|
|
WebKitGTK+ - 'ThreadedCompositor' Race Condition
|
9 |
DOS
|
Google Security Research
|
|
2019-04-03
|
|
WebKit JavaScriptCore - CodeBlock Dangling Watchpoints Use-After-Free
|
8 |
DOS
|
Google Security Research
|
|
2019-04-03
|
|
WebKit JavaScriptCore - Out-Of-Bounds Access in FTL JIT due to LICM Moving Array Access Before the B
|
9 |
DOS
|
Google Security Research
|
|
2019-04-03
|
|
iOS < 12.2 / macOS < 10.14.4 XNU - pidversion Increment During execve is Unsafe
|
8 |
DOS
|
Google Security Research
|
|
2019-04-03
|
|
WebKit JavaScriptCore - 'createRegExpMatchesArray' Type Confusion
|
7 |
DOS
|
Google Security Research
|
|
2019-04-03
|
|
SpiderMonkey - IonMonkey Compiled Code Fails to Update Inferred Property Types (Type Confusion)
|
7 |
DOS
|
Google Security Research
|
|
2019-03-28
|
|
gnutls 3.6.6 - 'verify_crt()' Use-After-Free
|
10 |
DOS
|
Google Security Research
|
|
2019-03-28
|
|
Microsoft Visio 2016 16.0.4738.1000 - 'Log in accounts' Denial of Service
|
6 |
DOS
|
César Adrián Coronado Llanos
|
|
2019-03-26
|
|
Spidermonkey - IonMonkey Type Inference is Incorrect for Constructors Entered via OSR
|
9 |
DOS
|
Google Security Research
|
|
2019-03-26
|
|
Firefox < 66.0.1 - 'Array.prototype.slice' Buffer Overflow
|
7 |
DOS
|
xuechiyaobai
|
|
2019-03-26
|
|
Microsoft Windows 7/2008 - 'Win32k' Denial of Service (PoC)
|
7 |
DOS
|
ze0r
|
|
2019-03-22
|
|
snap - seccomp BBlacklist for TIOCSTI can be Circumvented
|
10 |
DOS
|
Google Security Research
|
|
2019-03-21
|
|
Canarytokens 2019-03-01 - Detection Bypass
|
8 |
DOS
|
Benjamin Zink Loft_ Gionathan Reale
|
|
2019-03-19
|
|
Google Chrome < M73 - FileSystemOperationRunner Use-After-Free
|
9 |
DOS
|
Google Security Research
|
|
2019-03-19
|
|
Google Chrome < M73 - MidiManagerWin Use-After-Free
|
8 |
DOS
|
Google Security Research
|
|
2019-03-19
|
|
Microsoft Edge - Flash click2play Bypass with CObjectElement::FinalCreateObject
|
8 |
DOS
|
Google Security Research
|
|
2019-03-19
|
|
Microsoft VBScript - VbsErase Memory Corruption
|
10 |
DOS
|
Google Security Research
|
|
2019-03-19
|
|
Microsoft Internet Explorer 11 - VBScript Execution Policy Bypass in MSHTML
|
9 |
DOS
|
Google Security Research
|
|
2019-03-19
|
|
Google Chrome < M73 - Data Race in ExtensionsGuestViewMessageFilter
|
7 |
DOS
|
Google Security Research
|
|
2019-03-19
|
|
Google Chrome < M73 - Double-Destruction Race in StoragePartitionService
|
11 |
DOS
|
Google Security Research
|
|
2019-03-19
|
|
libseccomp < 2.4.0 - Incorrect Compilation of Arithmetic Comparisons
|
8 |
DOS
|
Google Security Research
|
|
2019-03-18
|
|
WinAVI iPod/3GP/MP4/PSP Converter 4.4.2 - Denial of Service
|
7 |
DOS
|
Achilles
|
|
2019-03-18
|
|
WinAVI iPod/3GP/MP4/PSP Converter 4.4.2 - Denial of Service
|
8 |
DOS
|
Achilles
|
|
2019-03-18
|
|
WinMPG Video Convert 9.3.5 - Denial of Service
|
8 |
DOS
|
Achilles
|
|
2019-03-18
|
|
WinMPG Video Convert 9.3.5 - Denial of Service
|
9 |
DOS
|
Achilles
|
|
2019-03-13
|
|
Core FTP Server FTP / SFTP Server v2 Build 674 - 'SIZE' Directory Traversal
|
7 |
DOS
|
Kevin Randall
|
|
2019-03-13
|
|
Core FTP Server FTP / SFTP Server v2 Build 674 - 'MDTM' Directory Traversal
|
7 |
DOS
|
Kevin Randall
|
|
2019-03-13
|
|
Microsoft Windows - '.reg' File / Dialog Box Message Spoofing
|
7 |
DOS
|
hyp3rlinx
|
|
2019-03-12
|
|
Core FTP 2.0 build 653 - 'PBSZ' Denial of Service (PoC)
|
16 |
DOS
|
Hodorsec
|
|
2019-03-12
|
|
Core FTP 2.0 build 653 - 'PBSZ' Denial of Service (PoC)
|
9 |
DOS
|
Hodorsec
|
|
2019-03-11
|
|
Linux Kernel 4.4 (Ubuntu 16.04) - 'snd_timer_user_ccallback()' Kernel Pointer Leak
|
8 |
DOS
|
wally0813
|
|
2019-03-06
|
|
Android - getpidcon() Usage in Hardware binder ServiceManager Permits ACL Bypass
|
7 |
DOS
|
Google Security Research
|
|
2019-03-06
|
|
Android - binder Use-After-Free via racy Initialization of ->allow_user_free
|
7 |
DOS
|
Google Security Research
|
|
2019-03-06
|
|
Linux < 4.20.14 - Virtual Address 0 is Mappable via Privileged write() to /proc/*/mem
|
8 |
DOS
|
Google Security Research
|
|
2019-03-04
|
|
Microsoft Edge Chakra 1.11.4 - Read Permission via Type Confusion
|
8 |
DOS
|
Fahad Aid Alharbi
|
|
2019-03-04
|
|
FileZilla 3.40.0 - 'Local search' / 'Local site' Denial of Service (PoC)
|
7 |
DOS
|
Mr Winst0n
|
|
2019-03-04
|
|
FileZilla 3.40.0 - 'Local search' / 'Local site' Denial of Service (PoC)
|
9 |
DOS
|
Mr Winst0n
|
|
2019-03-01
|
|
macOS XNU - Copy-on-Write Behavior Bypass via Mount of User-Owned Filesystem Image
|
6 |
DOS
|
Google Security Research
|
|
2019-03-01
|
|
Linux < 4.14.103 / < 4.19.25 - Out-of-Bounds Read and Write in SNMP NAT Module
|
7 |
DOS
|
Google Security Research
|
|
2019-03-01
|
|
tcpdump < 4.9.3 - Multiple Heap-Based Out-of-Bounds Reads
|
9 |
DOS
|
Google Security Research
|
|
2019-03-01
|
|
Google Chrome < M72 - FileWriterImpl Use-After-Free
|
4 |
DOS
|
Google Security Research
|
|
2019-03-01
|
|
Google Chrome < M72 - Use-After-Free in RenderProcessHostImpl Binding for P2PSocketDispatcherHost
|
9 |
DOS
|
Google Security Research
|
|
2019-03-01
|
|
Google Chrome < M72 - RenderFrameHostImpl::CreateMediaStreamDispatcherHost Use-After-Free
|
6 |
DOS
|
Google Security Research
|
|
2019-03-01
|
|
Google Chrome < M72 - PaymentRequest Service Use-After-Free
|
7 |
DOS
|
Google Security Research
|
|
2019-02-28
|
|
TransMac 12.3 - Denial of Service (PoC)
|
8 |
DOS
|
Alejandra Sánchez
|
|
2019-02-28
|
|
WebKitGTK 2.23.90 / WebKitGTK+ 2.22.6 - Denial of Service
|
9 |
DOS
|
Dhiraj Mishra
|
|
2019-02-28
|
|
FTP Server 1.32 - Denial of Service
|
9 |
DOS
|
s4vitar
|
|
2019-02-25
|
|
Xlight FTP Server 3.9.1 - Buffer Overflow (PoC)
|
7 |
DOS
|
Logan Whitmire
|
|
2019-02-22
|
|
WebKit JSC - reifyStaticProperty Needs to set the PropertyAttribute::CustomAccessor flag for CustomG
|
8 |
DOS
|
Google Security Research
|
|
2019-02-22
|
|
WebKit JSC - reifyStaticProperty Needs to set the PropertyAttribute::CustomAccessor flag for CustomG
|
8 |
DOS
|
Google Security Research
|
|
2019-02-21
|
|
AirDrop 2.0 - Denial of Service (DoS)
|
6 |
DOS
|
s4vitar
|
|
2019-02-21
|
|
ScreenStream 3.0.15 - Denial of Service
|
7 |
DOS
|
s4vitar
|
|
2019-02-21
|
|
Virtual VCR Max .0a - '.vcr' Buffer Overflow (PoC)
|
8 |
DOS
|
Wade Guest
|
|
2019-02-21
|
|
Valentina Studio 9.0.5 Linux - 'Host' Buffer Overflow (PoC)
|
4 |
DOS
|
Alejandra Sánchez
|
|
2019-02-21
|
|
Valentina Studio 9.0.5 Linux - 'Host' Buffer Overflow (PoC)
|
6 |
DOS
|
Alejandra Sánchez
|
|
2019-02-20
|
|
MatrixSSL < 4.0.2 - Stack Buffer Overflow Verifying x.509 Certificates
|
9 |
DOS
|
Google Security Research
|
|
2019-02-20
|
|
MatrixSSL < 4.0.2 - Stack Buffer Overflow Verifying x.509 Certificates
|
7 |
DOS
|
Google Security Research
|
|
2019-02-20
|
|
Android Kernel < 4.8 - ptrace seccomp Filter Bypass
|
9 |
DOS
|
Google Security Research
|
|
2019-02-20
|
|
FaceTime - Texture Processing Memory Corruption
|
6 |
DOS
|
Google Security Research
|
|
2019-02-20
|
|
WinRAR 5.61 - '.lng' Denial of Service
|
7 |
DOS
|
Kağan Çapar
|
|
2019-02-20
|
|
FTPShell Server 6.83 - 'Account name to ban' Denial of Service (PoC)
|
7 |
DOS
|
Victor Mondragón
|
|
2019-02-20
|
|
FTPShell Server 6.83 - 'Account name to ban' Denial of Service (PoC)
|
9 |
DOS
|
Victor Mondragón
|
|
2019-02-19
|
|
BulletProof FTP Server 2019.0.0.50 - 'SMTP Server' Denial of Service (PoC)
|
8 |
DOS
|
Victor Mondragón
|
|
2019-02-19
|
|
BulletProof FTP Server 2019.0.0.50 - 'SMTP Server' Denial of Service (PoC)
|
6 |
DOS
|
Victor Mondragón
|
|
2019-02-19
|
|
Valentina Studio 9.0.4 - 'Host' Denial of Service (PoC)
|
9 |
DOS
|
Victor Mondragón
|
|
2019-02-19
|
|
Valentina Studio 9.0.4 - 'Host' Denial of Service (PoC)
|
9 |
DOS
|
Victor Mondragón
|
|
2019-02-19
|
|
NetSetMan 4.7.1 - 'Workgroup' Denial of Service (PoC)
|
7 |
DOS
|
Victor Mondragón
|
|
2019-02-19
|
|
NetSetMan 4.7.1 - 'Workgroup' Denial of Service (PoC)
|
9 |
DOS
|
Victor Mondragón
|
|
2019-02-18
|
|
Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in AlternateSubs
|
9 |
DOS
|
Google Security Research
|
|
2019-02-18
|
|
Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in ExtractBitMap
|
8 |
DOS
|
Google Security Research
|
|
2019-02-18
|
|
Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in OpenTypeLayou
|
10 |
DOS
|
Google Security Research
|
|
2019-02-18
|
|
Oracle Java Runtime Environment - Heap Out-of-Bounds Read During OTF Font Rendering in glyph_CloseCo
|
12 |
DOS
|
Google Security Research
|
|
2019-02-18
|
|
NBMonitor 1.6.5.0 - 'Key' Denial of Service (PoC)
|
8 |
DOS
|
Alejandra Sánchez
|
|
2019-02-18
|
|
NBMonitor 1.6.5.0 - 'Key' Denial of Service (PoC)
|
9 |
DOS
|
Alejandra Sánchez
|
|
2019-02-18
|
|
Realterm Serial Terminal 2.0.0.70 - Local Buffer Overflow (SEH)
|
7 |
DOS
|
Alejandra Sánchez
|
|
2019-02-18
|
|
Realterm Serial Terminal 2.0.0.70 - Local Buffer Overflow (SEH)
|
7 |
DOS
|
Alejandra Sánchez
|
|
2019-02-18
|
|
Realterm Serial Terminal 2.0.0.70 - Denial of Service
|
9 |
DOS
|
Alejandra Sánchez
|
|
2019-02-18
|
|
Realterm Serial Terminal 2.0.0.70 - Denial of Service
|
8 |
DOS
|
Alejandra Sánchez
|
|
2019-02-15
|
|
Linux - 'kvm_ioctl_create_device()' NULL Pointer Dereference
|
10 |
DOS
|
Google Security Research
|
|
2019-02-15
|
|
Linux - 'kvm_ioctl_create_device()' NULL Pointer Dereference
|
9 |
DOS
|
Google Security Research
|
|
2019-02-15
|
|
VSCO 1.1.1.0 - Denial of Service (PoC)
|
13 |
DOS
|
0xB9
|
|
2019-02-15
|
|
VSCO 1.1.1.0 - Denial of Service (PoC)
|
11 |
DOS
|
0xB9
|
|
2019-02-15
|
|
Navicat for Oracle 12.1.15 - _Password_ Denial of Service (PoC)
|
9 |
DOS
|
Victor Mondragón
|
|
2019-02-15
|
|
Navicat for Oracle 12.1.15 - _Password_ Denial of Service (PoC)
|
9 |
DOS
|
Victor Mondragón
|
|
2019-02-15
|
|
Free IP Switcher 3.1 - 'Computer Name' Denial of Service (PoC)
|
8 |
DOS
|
Victor Mondragón
|
|
2019-02-15
|
|
Free IP Switcher 3.1 - 'Computer Name' Denial of Service (PoC)
|
9 |
DOS
|
Victor Mondragón
|
|
2019-02-15
|
|
AirMore 1.6.1 - Denial of Service (PoC)
|
9 |
DOS
|
s4vitar
|
|
2019-02-14
|
|
ApowerManager 3.1.7 - Phone Manager Remote Denial of Service (PoC)
|
8 |
DOS
|
s4vitar
|
|
2019-02-14
|
|
MediaMonkey 4.1.23 - '.mp3' URL Denial of Service (PoC)
|
10 |
DOS
|
Alejandra Sánchez
|
|
2019-02-14
|
|
MediaMonkey 4.1.23 - '.mp3' URL Denial of Service (PoC)
|
10 |
DOS
|
Alejandra Sánchez
|
|
2019-02-14
|
|
Core FTP/SFTP Server 1.2 Build 589.42 - 'User domain' Denial of Service (PoC)
|
8 |
DOS
|
Victor Mondragón
|
|
2019-02-13
|
|
NetworkSleuth 3.0 - 'Name' Denial of Service (PoC)
|
8 |
DOS
|
Alejandra Sánchez
|
|
2019-02-13
|
|
NetworkSleuth 3.0 - 'Name' Denial of Service (PoC)
|
10 |
DOS
|
Alejandra Sánchez
|
|
2019-02-12
|
|
Skyworth GPON HomeGateways and Optical Network Terminals - Stack Overflow
|
10 |
DOS
|
Kaustubh G. Padwad
|
|
2019-02-12
|
|
Skyworth GPON HomeGateways and Optical Network Terminals - Stack Overflow
|
8 |
DOS
|
Kaustubh G. Padwad
|
|
2019-02-12
|
|
Android - binder Use-After-Free of VMA via race Between reclaim and munmap
|
10 |
DOS
|
Google Security Research
|
|
2019-02-12
|
|
Android - binder Use-After-Free via fdget() Optimization
|
9 |
DOS
|
Google Security Research
|
|
2019-02-11
|
|
NordVPN 6.19.6 - Denial of Service (PoC)
|
10 |
DOS
|
Alejandra Sánchez
|
|
2019-02-11
|
|
NordVPN 6.19.6 - Denial of Service (PoC)
|
7 |
DOS
|
Alejandra Sánchez
|
|
2019-02-11
|
|
FutureDj Pro 1.7.2.0 - Denial of Service
|
7 |
DOS
|
Achilles
|
|
2019-02-11
|
|
FutureDj Pro 1.7.2.0 - Denial of Service
|
7 |
DOS
|
Achilles
|
|
2019-02-11
|
|
AirDroid 4.2.1.6 - Denial of Service
|
9 |
DOS
|
s4vitar
|
|
2019-02-06
|
|
Skia - Incorrect Convexity Assumptions Leading to Buffer Overflows
|
8 |
DOS
|
Google Security Research
|
|
2019-02-05
|
|
River Past Audio Converter 7.7.16 - Denial of Service (PoC)
|
11 |
DOS
|
Achilles
|
|
2019-02-05
|
|
River Past Audio Converter 7.7.16 - Denial of Service (PoC)
|
8 |
DOS
|
Achilles
|
|
2019-02-05
|
|
Device Monitoring Studio 8.10.00.8925 - Denial of Service (PoC)
|
8 |
DOS
|
Victor Mondragón
|
|
2019-02-05
|
|
Device Monitoring Studio 8.10.00.8925 - Denial of Service (PoC)
|
8 |
DOS
|
Victor Mondragón
|
|
2019-02-04
|
|
TaskInfo 8.2.0.280 - Denial of Service (PoC)
|
8 |
DOS
|
Rafael Pedrero
|
|
2019-02-04
|
|
TaskInfo 8.2.0.280 - Denial of Service (PoC)
|
8 |
DOS
|
Rafael Pedrero
|
|
2019-02-04
|
|
SpotAuditor 3.6.7 - 'Base64 Encrypted Password' Denial of Service (PoC)
|
8 |
DOS
|
Rafael Pedrero
|
|
2019-02-04
|
|
SpotAuditor 3.6.7 - 'Base64 Encrypted Password' Denial of Service (PoC)
|
9 |
DOS
|
Rafael Pedrero
|
|
2019-02-04
|
|
River Past Ringtone Converter 2.7.6.1601 - Denial of Service (PoC)
|
11 |
DOS
|
Rafael Pedrero
|
|
2019-02-04
|
|
River Past Ringtone Converter 2.7.6.1601 - Denial of Service (PoC)
|
8 |
DOS
|
Rafael Pedrero
|
|
2019-02-04
|
|
MyVideoConverter Pro 3.14 - Denial of Service
|
10 |
DOS
|
Achilles
|
|
2019-02-04
|
|
MyVideoConverter Pro 3.14 - Denial of Service
|
9 |
DOS
|
Achilles
|
|
2019-02-01
|
|
Remote Process Explorer 1.0.0.16 - Buffer Overflow (PoC) (SEH Overwrite)
|
9 |
DOS
|
Rafael Pedrero
|
|
2019-01-31
|
|
macOS < 10.14.3 / iOS < 12.1.3 - Kernel Heap Overflow in PF_KEY due to Lack of Bounds Checking when
|
9 |
DOS
|
Google Security Research
|
|
2019-01-31
|
|
macOS < 10.14.3 / iOS < 12.1.3 XNU - 'vm_map_copy' Optimization which Requires Atomicity isn't Atomi
|
8 |
DOS
|
Google Security Research
|
|
2019-01-31
|
|
macOS < 10.14.3 / iOS < 12.1.3 - Sandbox Escapes due to Type Confusions and Memory Safety Issues in
|
11 |
DOS
|
Google Security Research
|
|
2019-01-31
|
|
macOS < 10.14.3 / iOS < 12.1.3 - Arbitrary mach Port Name Deallocation in XPC Services due to Invali
|
9 |
DOS
|
Google Security Research
|
|
2019-01-31
|
|
macOS XNU - Copy-on-Write Behaviour Bypass via Partial-Page Truncation of File
|
10 |
DOS
|
Google Security Research
|
|
2019-01-31
|
|
LanHelper 1.74 - Denial of Service (PoC)
|
8 |
DOS
|
Rafael Pedrero
|
|
2019-01-31
|
|
FlexHEX 2.46 - Buffer Overflow (PoC) (SEH Overwrite)
|
13 |
DOS
|
Rafael Pedrero
|
