ITh4cker google-security-research issues

ITh4cker / google-security-research

Automatically exported from code.google.com/p/google-security-research

0 stars 0 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Microsoft Office / COM Object DLL Planting with els.dll

#514 GoogleCodeExporter closed 8 years ago
7
Chrome - Integer overflow in open-vcdiff results in OOB read in browser process

#513 GoogleCodeExporter closed 8 years ago
3
[deleted issue]

#512 GoogleCodeExporter closed 8 years ago
0
[deleted issue]

#511 GoogleCodeExporter closed 8 years ago
0
Windows Cursor object potential memory leak

#510 GoogleCodeExporter closed 8 years ago
1
Windows race condition leading to use after free in DestroySMWP

#509 GoogleCodeExporter closed 8 years ago
2
Windows kernel NtUserScrollDC memory corruption

#508 GoogleCodeExporter closed 8 years ago
2
Windows Kernel win32k.sys TTF font processing: pool-based buffer overflow with malformed TrueType program

#507 GoogleCodeExporter closed 8 years ago
5
Windows Kernel win32k.sys TTF font processing: pool-based buffer overflow with malformed OS/2 table

#506 GoogleCodeExporter closed 8 years ago
4
Windows kernel use-after-free with device contexts and NtGdiSelectBitmap

#505 GoogleCodeExporter closed 8 years ago
2
Flash: No Checks on Vector.<uint> Capacity Field

#504 GoogleCodeExporter closed 8 years ago
5
libstagefright integer overflow and heap corruption with saio tag

#503 GoogleCodeExporter closed 8 years ago
3
libstagefright integer overflow checks can by bypassed with extended chunk lengths

#502 GoogleCodeExporter closed 8 years ago
9
[deleted issue]

#501 GoogleCodeExporter closed 8 years ago
0
Samsung Galaxy S6: Samsung Gallery GIF Parsing Crash

#500 GoogleCodeExporter opened 8 years ago
3
Samsung Galaxy S6: android.media.process Face Recognition Memory Corruption

#499 GoogleCodeExporter closed 8 years ago
4
Samsung Galaxy S6: libQjpeg DoIntegralUpsample Crash

#498 GoogleCodeExporter closed 8 years ago
4
Samsung Galaxy S6: Samsung Gallery Bitmap Decoding Crash

#497 GoogleCodeExporter opened 8 years ago
4
[deleted issue]

#496 GoogleCodeExporter closed 8 years ago
0
Samsung libQjpeg image decoding memory corruption

#495 GoogleCodeExporter closed 8 years ago
4
Samsung SecEmailUI script injection

#494 GoogleCodeExporter opened 8 years ago
5
Samsung m2m1shot kernel driver buffer overflow

#493 GoogleCodeExporter closed 8 years ago
4
Samsung fimg2d FIMG2D_BITBLT_BLIT ioctl concurrency flaw

#492 GoogleCodeExporter closed 8 years ago
4
Samsung seiren kernel driver buffer overflow

#491 GoogleCodeExporter closed 8 years ago
6
Samsung SecEmailComposer QUICK_REPLY_BACKGROUND permissions weakness

#490 GoogleCodeExporter closed 8 years ago
4
Samsung WifiHs20UtilityService path traversal

#489 GoogleCodeExporter closed 8 years ago
5
Microsoft Office 2007 and 2010 RTF frmtxtbrl EIP corruption

#488 GoogleCodeExporter closed 8 years ago
2
[deleted issue]

#487 GoogleCodeExporter closed 8 years ago
0
Windows: Sandboxed Mount Reparse Point Creation Mitigation Bypass

#486 GoogleCodeExporter closed 8 years ago
4
[deleted issue]

#485 GoogleCodeExporter closed 8 years ago
0
Security: Flash Heap-use-after-free in SurfaceFilterList::CreateFromScriptAtom. Alwayzzzzzzz

#484 GoogleCodeExporter closed 8 years ago
4
Windows: NtCreateLowBoxToken Handle Capture Local DoS/Elevation of Privilege

#483 GoogleCodeExporter closed 8 years ago
4
Flash: bypass of Vector.<uint> length vs. cookie validation

#482 GoogleCodeExporter closed 8 years ago
5
.NET Partial-Trust bypass via browser command-line injection in System.Windows.Forms.Help

#481 GoogleCodeExporter closed 8 years ago
2
Kernel-mode ASLR leak via uninitialized memory returned to usermode by NtGdiGetTextMetrics

#480 GoogleCodeExporter closed 8 years ago
6
[deleted issue]

#479 GoogleCodeExporter closed 8 years ago
0
OS X Install.framework suid root runner binary priv-esc due to not accounting for implicitly parallel nature of Distributed Objects

#478 GoogleCodeExporter closed 8 years ago
5
OS X Install.framework suid root binary allows arbitrary mkdir, unlink and chown (to admin group) due to unexpected interactions with distributed objects

#477 GoogleCodeExporter closed 8 years ago
4
[deleted issue]

#476 GoogleCodeExporter closed 8 years ago
0
Windows kernel: FlashWindowEx memory corruption

#475 GoogleCodeExporter closed 8 years ago
4
Windows kernel: buffer overflow in NtGdiBitBlt

#474 GoogleCodeExporter closed 8 years ago
5
atmfd NamedEscape(0x2514) buffer-underflow vulnerability

#473 GoogleCodeExporter closed 8 years ago
2
Adobe Flash: Use-after-free in ByteArray Operator[]

#472 GoogleCodeExporter closed 8 years ago
2
[deleted issue]

#471 GoogleCodeExporter closed 8 years ago
0
ESET NOD32 emulator fails if you modify .idata after imports

#470 GoogleCodeExporter closed 8 years ago
2
Microsoft Office 2007: OGL.dll ValidateBitmapInfo bounds check failure

#469 GoogleCodeExporter closed 8 years ago
3
Windows: User Mode Font Driver Thread Permissions EoP

#468 GoogleCodeExporter closed 8 years ago
4
Apple qlmanage - heap overflow in SceneKit::daeElement::setElementName

#467 GoogleCodeExporter closed 8 years ago
4
ESET NOD32 Heap overflow unpacking EPOC installation files.

#466 GoogleCodeExporter closed 8 years ago
2
Microsoft Office 2007: type confusion related to OLESSDirectyEntry.CreateTime

#465 GoogleCodeExporter closed 8 years ago
4

Previous Next