bingghost/google-security-research
Automatically exported from code.google.com/p/google-security-research
| Issue | Title | User | Status | Comments |
| --- | --- | --- | --- | --- |
| #524 | [deleted issue] | GoogleCodeExporter | opened 8 years ago | 0 |
| #523 | Windows Kernel ATMFD.DLL out-of-bounds reads from the input CharString stream | GoogleCodeExporter | opened 8 years ago | 0 |
| #522 | Kaspersky Antivirus VB6 parsing integer overflow | GoogleCodeExporter | closed 8 years ago | 14 |
| #521 | Kaspersky Antivirus ZIP file format use after free vulnerability | GoogleCodeExporter | closed 8 years ago | 3 |
| #520 | Kaspersky Antivirus RAR file format parsing memory corruption | GoogleCodeExporter | closed 8 years ago | 3 |
| #519 | Kaspersky Antivirus DEX file format parsing memory corruption | GoogleCodeExporter | closed 8 years ago | 8 |
| #518 | Kaspersky Antivirus ThinApp parser stack buffer overflow | GoogleCodeExporter | closed 8 years ago | 6 |
| #517 | [deleted issue] | GoogleCodeExporter | closed 8 years ago | 0 |
| #516 | Windows ndis.sys IOCTL 0x170034 (ndis!ndisNsiGetIfNameForIfIndex) pool buffer overflow | GoogleCodeExporter | closed 8 years ago | 4 |
| #515 | NVIDIA: Stereoscopic 3D Driver Service Arbitrary Run Key Creation | GoogleCodeExporter | closed 8 years ago | 3 |
| #514 | Microsoft Office / COM Object DLL Planting with els.dll | GoogleCodeExporter | closed 8 years ago | 10 |
| #513 | Chrome - Integer overflow in open-vcdiff results in OOB read in browser process | GoogleCodeExporter | closed 8 years ago | 3 |
| #512 | Failure to check return value of OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient leads to kernel address space layout leak and exploitable NULL dereference | GoogleCodeExporter | closed 8 years ago | 5 |
| #511 | Integer Overflow in IOHDIXControllerUserClient::convertClientBuffer leading to undersized kalloc allocation passed to DMA code | GoogleCodeExporter | closed 8 years ago | 5 |
| #510 | Windows Cursor object potential memory leak | GoogleCodeExporter | closed 8 years ago | 1 |
| #509 | Windows race condition leading to use after free in DestroySMWP | GoogleCodeExporter | closed 8 years ago | 2 |
| #508 | Windows kernel NtUserScrollDC memory corruption | GoogleCodeExporter | closed 8 years ago | 2 |
| #507 | Windows Kernel win32k.sys TTF font processing: pool-based buffer overflow with malformed TrueType program | GoogleCodeExporter | closed 8 years ago | 5 |
| #506 | Windows Kernel win32k.sys TTF font processing: pool-based buffer overflow with malformed OS/2 table | GoogleCodeExporter | closed 8 years ago | 4 |
| #505 | Windows kernel use-after-free with device contexts and NtGdiSelectBitmap | GoogleCodeExporter | closed 8 years ago | 2 |
| #504 | Flash: No Checks on Vector.<uint> Capacity Field | GoogleCodeExporter | closed 8 years ago | 5 |
| #503 | libstagefright integer overflow and heap corruption with saio tag | GoogleCodeExporter | closed 8 years ago | 3 |
| #502 | libstagefright integer overflow checks can be bypassed with extended chunk lengths | GoogleCodeExporter | closed 8 years ago | 12 |
| #501 | Android libstagefright heap buffer overflow due to integer overflow in MP3 ID3 tag parsing | GoogleCodeExporter | closed 8 years ago | 5 |
| #500 | Samsung Galaxy S6: Samsung Gallery GIF Parsing Crash | GoogleCodeExporter | closed 8 years ago | 4 |
| #499 | Samsung Galaxy S6: android.media.process Face Recognition Memory Corruption | GoogleCodeExporter | closed 8 years ago | 4 |
| #498 | Samsung Galaxy S6: libQjpeg DoIntegralUpsample Crash | GoogleCodeExporter | closed 8 years ago | 4 |
| #497 | Samsung Galaxy S6: Samsung Gallery Bitmap Decoding Crash | GoogleCodeExporter | closed 8 years ago | 6 |
| #496 | OS X kernel panic due to bad patch for CVE-2015-3712 in GeForce.kext | GoogleCodeExporter | closed 8 years ago | 5 |
| #495 | Samsung libQjpeg image decoding memory corruption | GoogleCodeExporter | closed 8 years ago | 4 |
| #494 | Samsung SecEmailUI script injection | GoogleCodeExporter | closed 8 years ago | 7 |
| #493 | Samsung m2m1shot kernel driver buffer overflow | GoogleCodeExporter | closed 8 years ago | 4 |
| #492 | Samsung fimg2d FIMG2D_BITBLT_BLIT ioctl concurrency flaw | GoogleCodeExporter | closed 8 years ago | 4 |
| #491 | Samsung seiren kernel driver buffer overflow | GoogleCodeExporter | closed 8 years ago | 6 |
| #490 | Samsung SecEmailComposer QUICK_REPLY_BACKGROUND permissions weakness | GoogleCodeExporter | closed 8 years ago | 4 |
| #489 | Samsung WifiHs20UtilityService path traversal | GoogleCodeExporter | closed 8 years ago | 5 |
| #488 | Microsoft Office 2007 and 2010 RTF frmtxtbrl EIP corruption | GoogleCodeExporter | closed 8 years ago | 2 |
| #487 | OS X coreaudiod calls uninitialized function pointer | GoogleCodeExporter | closed 8 years ago | 4 |
| #486 | Windows: Sandboxed Mount Reparse Point Creation Mitigation Bypass | GoogleCodeExporter | closed 8 years ago | 4 |
| #485 | [deleted issue] | GoogleCodeExporter | closed 8 years ago | 0 |
| #484 | Security: Flash Heap-use-after-free in SurfaceFilterList::CreateFromScriptAtom. Alwayzzzzzzz | GoogleCodeExporter | closed 8 years ago | 4 |
| #483 | Windows: NtCreateLowBoxToken Handle Capture Local DoS/Elevation of Privilege | GoogleCodeExporter | closed 8 years ago | 4 |
| #482 | Flash: bypass of Vector.<uint> length vs. cookie validation | GoogleCodeExporter | closed 8 years ago | 5 |
| #481 | .NET Partial-Trust bypass via browser command-line injection in System.Windows.Forms.Help | GoogleCodeExporter | closed 8 years ago | 2 |
| #480 | Kernel-mode ASLR leak via uninitialized memory returned to usermode by NtGdiGetTextMetrics | GoogleCodeExporter | closed 8 years ago | 6 |
| #479 | [deleted issue] | GoogleCodeExporter | closed 8 years ago | 0 |
| #478 | OS X Install.framework suid root runner binary priv-esc due to not accounting for implicitly parallel nature of Distributed Objects | GoogleCodeExporter | closed 8 years ago | 5 |
| #477 | OS X Install.framework suid root binary allows arbitrary mkdir, unlink and chown (to admin group) due to unexpected interactions with distributed objects | GoogleCodeExporter | closed 8 years ago | 4 |
| #476 | [deleted issue] | GoogleCodeExporter | closed 8 years ago | 0 |
| #475 | Windows kernel: FlashWindowEx memory corruption | GoogleCodeExporter | closed 8 years ago | 4 |