Tag: memory corruption
-
Hacker News: Ancient Monkey: Pwning a 17-Year-Old Version of SpiderMonkey
Source URL: https://blog.pspaul.de/posts/ancient-monkey-pwning-a-17-year-old-version-of-spidermonkey/ Source: Hacker News Title: Ancient Monkey: Pwning a 17-Year-Old Version of SpiderMonkey Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses a significant vulnerability found in the Zscaler enterprise VPN solution, particularly linked to the pacparser library and its use of an outdated version of the SpiderMonkey JavaScript engine.…
-
Cisco Talos Blog: Talos discovers denial-of-service vulnerability in Microsoft Audio Bus; Potential remote code execution in popular open-source PLC
Source URL: https://blog.talosintelligence.com/talos-discovers-denial-of-service-vulnerability-in-microsoft-audio-bus-potential-remote-code-execution-in-popular-open-source-plc/ Source: Cisco Talos Blog Title: Talos discovers denial-of-service vulnerability in Microsoft Audio Bus; Potential remote code execution in popular open-source PLC Feedly Summary: Talos researchers have disclosed three vulnerabilities in OpenPLC, a popular open-source programmable logic controller. AI Summary and Description: Yes **Summary:** The text details the recent disclosure of multiple vulnerabilities…
-
Hacker News: Race conditions in Linux Kernel perf events
Source URL: https://binarygecko.com/race-conditions-in-linux-kernel-perf-events/ Source: Hacker News Title: Race conditions in Linux Kernel perf events Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The provided text details a vulnerability in the Linux kernel’s `perf_events` subsystem, specifically related to the management of auxiliary buffers within performance monitoring events. It reveals exploit strategies and proofs of concept…
-
Cisco Talos Blog: Vulnerability in Acrobat Reader could lead to remote code execution; Microsoft patches information disclosure issue in Windows API
Source URL: https://blog.talosintelligence.com/vulnerability-roundup-sept-11-2024/ Source: Cisco Talos Blog Title: Vulnerability in Acrobat Reader could lead to remote code execution; Microsoft patches information disclosure issue in Windows API Feedly Summary: CVE-2024-38257 is considered “less likely” to be exploited, though it does not require any user interaction or user privileges. AI Summary and Description: Yes Summary: The text…
-
The Register: Rock Chrome hard enough and get paid half a million
Source URL: https://www.theregister.com/2024/08/29/google_chrome_vuln_rewards/ Source: The Register Title: Rock Chrome hard enough and get paid half a million Feedly Summary: Google revises Chrome Vulnerability Rewards Program with higher payouts for bug hunters Google’s Chrome Vulnerability Rewards Program (VRP) is now significantly more rewarding – with a top payout that’s at least twice as substantial.… AI Summary…