This is another one of those IDE/tooling-doing-more-than-you-expect issues. In Rust you have `#[proc_macro]`s, which are functions that are executed at compile time...
Another indexing issue: an entity index is received and used, but only the lower bound (>= 0) is checked, leading to an OOB access and a virtual function call.
Good bit of background on this one, does a good job of explaining the root of the issue. There are two parts, first is a 2020 CVE...
Interesting post that covers a bit about the meta of bug-hunting in Source Engine games and some how-to information. There are two OOB read vulnerabilities used in the chain.
Cool bug, but hard to actually exploit despite getting PC control. The vuln uses GLSL, a C-like shader language that gets translated into C before being executed...
First goes into some background details on QMI, what kinds of services it provides, and details on how they fuzzed the interface (used QEMU hexagon to emulate the modem in conjunction with AFL). They talk about one of the vulns the fuzzer dug up, which was a heap overflow in the voice service's `call_config_req` handler...
Very long post, covering an old issue (2013) with tons of background about Java bytecode, App Engine and ASM (library). Some context for the issue is that App Engine would perform in-process sandboxing...
Fairly simple to understand bug in the JS Engine (v8) used by Foxit Reader. The crash is just two lines of code.
Two vulnerabilities and a good deal of background. Vulns happen in the UEFI Request hypercalls...