SECURITY ADVISORIES
Software Flaws found by Krash Consulting.
We have been independently providing our analysis and flaw report we’ve found in various softwares owned by global conglomerates.
Menu
We have been independently providing our analysis and flaw report we’ve found in various softwares owned by global conglomerates.
We have been independently providing our analysis and flaw report we’ve found in various softwares owned by global conglomerates.
CVE-2022-: Heap buffer overflow in GPU
CVE-2022-0103: use after free in Swiftshader
CVE-2022-0104: Heap buffer overflow in ANGLE
CVE-2021-4101: Heap buffer overflow in switchshader
CVE-2021-4058: Heap buffer overflow in ANGLE
CVE-2021-23994: Out of bound write due to lazy initialization
CVE-2021-23981: Texture upload into an unbound backing buffer resulted in an out-of-bound read
CVE-2021-21233: Heap buffer overflow in ANGLE
CVE-2020-16048: Buffer overflow in depth pitch calculations for compressed textures
CVE-2020-26971: Heap buffer overflow in WebGL
CVE-2018-17466: Texture11 Memory Corruption in ANGLE
CVE-2018-16082: Stack buffer overflow in SwiftShader
CVE-2018-6162: Heap buffer overflow in WebGL TexImage3D
CVE-2018-6154: Heap buffer overflow in WebGL FreeIds
CVE-2018-8387: Memory Corruption Vulnerability
CVE-2018-8262: Memory Corruption Vulnerability
CVE-2020-26971: Heap buffer overflow in WebGL
CVE-2018-8163: Information Disclosure – Formula Record
CVE-2018-8162: Remote Code Execution – Formula Record
CVE-2018-4130: Memory Corruption in WebKit webGL
CVE-2018-0796: emote Code Execution Vulnerability
CVE-2018-6060: Use after free in Blink
CVE-2018-6073: Heap buffer overflow in WebGL
CVE-2017-7845: Buffer overflow when drawing and validating elements with ANGLE library using Direct 3D 9
CVE-2017-11844: Information Disclosure Vulnerability
CVE-2017-11845: Memory Corruption Vulnerability
CVE-2017-5129: Use after free in WebAudio
CVE-2017-5128: Heap overflow in WebGL
CVE-2017-7845: Buffer overflow when drawing and validating elements with ANGLE
CVE-2015-1240: Out of bounds read in webGL
CVE-2015-1668: CSVGMarkerElement Use-After-Free
CVE-2015-0043: SVG Marker Use-After-Free
CVE-2015-0042: SVG Marker Use-After-Free
CVE-2014-4128: Cell Resizing
CVE-2014-6354: CSVGSVGElement Use-After Free
CVE-2014-4145: CElement
CVE-2014-4050: first-letter Use-After-Free
CVE-2014-0313: Microsoft IE CSS Property / Unicode Character Handling Heap Buffer Overflow
CVE-2014-0263: Direct2D Crafted 2D Geometric
Figure Handling Memory Corruption
CVE-2013-3150: CElement Use-After-Free
CVE-2013-3125: CTreePos Use-After-Free
CVE-2013-3124: SmartDispClient Type Confusion
CVE-2013-3118: CSVGMaskElement Double-Free
CVE-2013-0022: LsGetTrailInfo
CVE-2013-0018: SetCapture
CVE-2012-1538: CFormElement
CVE-2012-1524: Attribute Remove
CVE-2012-0165: Record Type Vulnerability
CVE-2012-0184: Record Memory Corruption Vulnerability
CVE-2012-0142: File Format Memory Corruption in OBJECTLINK Record Vulnerability
CVE-2012-0141: File Format Memory Corruption Vulnerability
CVE-2011-3065: Memory corruption in Skia
CVE-2011-1990: Out of Bounds Array Indexing Vulnerability
CVE-2011-2945:SIPR Heap Buffer Overflow Vulnerability
CVE-2011-1274: Out of Bounds Array Access Vulnerability
CVE-2011-1277: Memory Corruption Vulnerability
CVE-2010-3232: File Format Parsing Vulnerability
CVE-2010-4386: RealMedia Memory Heap Corruption Vulnerability
CVE-2010-4387: RealAudio Codec Memory Corruption Vulnerability
Don’t hesitate to reach out to us for a consultation on fortifying your cyber defenses and safeguarding your organization against potential threats.
Krash Consulting is a renowned cybersecurity firm, with over 20+ years in the industry and serving clients from various domains & countries. We understand risk and mitigate it using new methodologies.
Cloud Security Assessment
Web Application Penetration Testing
Mobile Application Penetration Testing
Red Team Assessment
Network Security Audit
Wireless Security Assessment
Threat Hunt Assessment
Social Engineering Assessment
Configuration Review
Source Code Review
DDoS Simulation
Cyber Security Advanced Training
© 2023 Krash Consulting Pvt Ltd. All Rights Reserved
Don’t hesitate to reach out to us for a consultation on fortifying your cyber defenses and safeguarding your organization against potential threats.
Krash Consulting is a renowned cybersecurity firm, with over 20+ years in the industry and serving clients from various domains & countries. We understand risk and mitigate it using new methodologies.
Cloud Security Assessment
Web Application Penetration Testing
Mobile Application Penetration Testing
Red Team Assessment
Network Security Audit
Wireless Security Assessment
Threat Hunt Assessment
Social Engineering Assessment
Configuration Review
Source Code Review
DDoS Simulation
Cyber Security Advanced Training
In recent years, ransomware has become one of the most prevalent and costly types of cyber attacks. This malicious software encrypts a victim’s data and demands a ransom payment in exchange for the decryption key.
Vulnerability assessments are a critical component of a comprehensive cyber security strategy. By regularly testing your systems for known vulnerabilities and misconfigurations, you can identify and mitigate risks before they are exploited…
The world of cybersecurity is constantly evolving, and new threats and vulnerabilities emerge on a regular basis. To stay ahead of these emerging cyber threats, it is important to maintain a vigilant and proactive approach to cybersecurity.
© 2023 Krash Consulting Pvt Ltd. All Rights Reserved