(CVE-2021-4206) QEMU QXL Integer overflow leads to Heap Overflow CVE: CVE-2021-4206Tested Versions:QEMU < v6.0.0Product URL(s): https://www.qemu.org/Technical... 2022-3-28 08:0:0 | 阅读: 9 | 收藏 | Advisories on STAR Labs - starlabs.sg qxl qemucursor hot unpack datasize

(CVE-2021-4207) QEMU QXL Integer overflow leads to Heap Overflow CVE: CVE-2021-4207Tested Versions:QEMU < v6.0.0Product URL(s): https://www.qemu.org/Technical... 2022-3-28 08:0:0 | 阅读: 13 | 收藏 | Advisories on STAR Labs - starlabs.sg qxl hot rams unpack memory

(CVE-2022-0168) Linux Kernel smb2_ioctl_query_info NULL Pointer Dereference CVE: CVE-2022-0168Tested Versions:Linux kernels 5.4–5.12, 5.13-rc+HEADCommon Internet File Sys... 2022-3-28 08:0:0 | 阅读: 4 | 收藏 | Advisories on STAR Labs - starlabs.sg 4033 cifs 355934 smb2 qi

(CVE-2022-28730) Apache JSPWiki v2.11.1 - Reflected XSS in AjaxPreview.jsp CVE: CVE-2022-28730Tested Versions:Latest release v2.11.2CVSSv3.1 Base Score: 5.4 (Medium)CVSS... 2022-3-14 08:0:0 | 阅读: 16 | 收藏 | Advisories on STAR Labs - starlabs.sg jspwiki ajaxpreview payload 40369 cvssv3

(CVE-2022-26718) macOS smbfs Out-of-Bounds Read due to parse nic info CVE: CVE-2022-26718Tested Versions:macOS 11.x.x <= 11.6.4macOS 12.x.x <= 12.2.1Product URL(s):... 2022-3-4 08:0:0 | 阅读: 14 | 收藏 | Advisories on STAR Labs - starlabs.sg nic client network sockaddr smb2

The Cat Escaped from the Chrome Sandbox IntroductionOn 13th September 2021, Google published the security advisory for Google Chrome. That... 2022-1-21 08:0:0 | 阅读: 5 | 收藏 | Blogs on STAR Labs - starlabs.sg mojom committing chromium blink mojo

(CVE-2022-21877) Storage Spaces Controller Information Disclosure Vulnerability SummaryProductStorage SpacesVendorMicrosoftSeverityMediumAffected Versionsspacepo... 2022-1-11 08:0:0 | 阅读: 4 | 收藏 | Advisories on STAR Labs - starlabs.sg tier ffffef08 fffff804 spaceport ffff9789

Diving into Open-source LMS Codebases IntroductionLooking to practice on source code review, I had been diving into how open-source LMS c... 2021-11-16 08:0:0 | 阅读: 3 | 收藏 | Blogs on STAR Labs - starlabs.sg php chamilo htaccess payload moodle

Analysis of CVE-2021-1758 (CoreText Out-Of-Bounds Read) References:STARLabs Advisory STAR-21-1758In February, Peter found a OOB read vulnerability in li... 2021-9-14 08:0:0 | 阅读: 9 | 收藏 | Blogs on STAR Labs - starlabs.sg p16 tinyinst p32 library

(CVE-2021-30844) macOS smbfs Out-of-Bounds Read CVE: CVE-2021-30844Tested Versions:macOS BigSur 11.0 - 11.2.3Product URL(s):https://apple.com... 2021-9-13 08:0:0 | 阅读: 1 | 收藏 | Advisories on STAR Labs - starlabs.sg t2p smbfs t2 t2rq kern

(CVE-2021-30845) macOS smbfs Out-of-Bounds Read CVE: CVE-2021-30845Tested Versions:macOS BigSur 11.0 - 11.2.3Product URL(s):https://apple.com... 2021-9-13 08:0:0 | 阅读: 2 | 收藏 | Advisories on STAR Labs - starlabs.sg smbfs unavailable development sm smp

Identifying Bugs in Router Firmware at Scale with Taint Analysis In the past few months, Akash (@enigmatrix) and I (@daniellimws) worked on developing a taint analys... 2021-8-4 08:0:0 | 阅读: 4 | 收藏 | Blogs on STAR Labs - starlabs.sg rcl cmsobj dal mdmoid ntp

Simple Vulnerability Regression Monitoring with V8Harvest During my research into Javascript Engine (V8), I have created a small tool to help you view recent... 2021-6-25 08:0:0 | 阅读: 11 | 收藏 | Blogs on STAR Labs - starlabs.sg regress chrome v8harvest python3

(CVE-2021-30868) macOS smbfs Race Condition leading to Use-After-Free Vulnerability CVE: CVE-2021-30868Tested Versions:macOS BigSur 11.0 - 11.2.3Product URL(s):https://apple.com... 2021-6-18 08:0:0 | 阅读: 7 | 收藏 | Advisories on STAR Labs - starlabs.sg iod negotiate smbfs sessionp smbiod

(CVE-20221-35403) Prolink PRC2402M touchlist_sync.cgi main Un-authenticated Command Injection Vulnerability CVE: CVE-2021-35403Tested Versions:Prolink PRC2402M 20190909Product URL(s):https://prolink2u.... 2021-6-10 08:0:0 | 阅读: 11 | 收藏 | Advisories on STAR Labs - starlabs.sg getacl prolink touchlist querystring meshmode

(CVE-20221-35404) Prolink PRC2402M applogin.cgi sys_login1 Authenticated Command Injection Vulnerability CVE: CVE-2021-35404Tested Versions:Prolink PRC2402M 20190909Product URL(s):https://prolink2u.... 2021-6-10 08:0:0 | 阅读: 18 | 收藏 | Advisories on STAR Labs - starlabs.sg ipaddr prolink querystring applogin login1

(CVE-20221-35406) Prolink PRC2402M login.cgi sys_login1 Authenticated Command Injection Vulnerability CVE: CVE-2021-35406Tested Versions:Prolink PRC2402M 20190909Product URL(s):https://prolink2u.... 2021-6-10 08:0:0 | 阅读: 6 | 收藏 | Advisories on STAR Labs - starlabs.sg ipaddr prolink login1 payload strdup

(CVE-20221-35400) Prolink PRC2402M mesh.cgi get_extender_page Un-authenticated Command Injection Vulnerability CVE: CVE-2021-35400Tested Versions:Prolink PRC2402M 20190909Product URL(s):https://prolink2u.... 2021-6-10 08:0:0 | 阅读: 4 | 收藏 | Advisories on STAR Labs - starlabs.sg prolink extender querystring ipaddr localip

(CVE-20221-35401) Prolink PRC2402M login.cgi sys_login Un-authenticated Command Injection Vulnerability CVE: CVE-2021-35401Tested Versions:Prolink PRC2402M 20190909Product URL(s):https://prolink2u.... 2021-6-10 08:0:0 | 阅读: 7 | 收藏 | Advisories on STAR Labs - starlabs.sg prolink langchange salted strcmp popen

(CVE-20221-35406) Prolink PRC2402M qos.cgi qos_settings Un-authenticated Command Injection Vulnerability CVE: CVE-2021-35406Tested Versions:Prolink PRC2402M 20190909Product URL(s):https://prolink2u.... 2021-6-10 08:0:0 | 阅读: 2 | 收藏 | Advisories on STAR Labs - starlabs.sg qos sel bandwidth prolink strdup