In this post, I'll exploit CVE-2024-5830, a type confusion in Chrome that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site.
The post From object transition to RCE in the Chrome renderer appeared first on The GitHub Blog.

From object transition to RCE in the Chrome renderer

In this post, I'll exploit CVE-2024-3833, an object corruption bug in v8, the Javascript engine of Chrome, that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site.
The post Attack of the clones: Getting RCE in Chrome’s renderer with duplicate object properties appeared first on The GitHub Blog.

Attack of the clones: Getting RCE in Chrome’s renderer with duplicate object properties

In this post, I'll exploit CVE-2023-4069, a type confusion in Chrome that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site.
The post Getting RCE in Chrome with incomplete object initialization in the Maglev compiler appeared first on The GitHub Blog.

Getting RCE in Chrome with incomplete object initialization in the Maglev compiler

In this post, I'll exploit CVE-2023-3420, a type confusion in Chrome that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site.
The post Getting RCE in Chrome with incorrect side effect in the JIT compiler appeared first on The GitHub Blog.

CoFeed

Posts about #exploit-development from the top innovative companies, all in one place.