Software flaws found by Krash Consulting
Krash Consulting is tasked with investigating software packages to find new flaws. Once a flaw is found, we work with the software owner to get it registered (as a CVE), and then we assist with the quickest resolution possible by providing detailed technical information, including proof of concept code. This list of advisories provides insight into the specific vulnerabilities reported.
-
2022
CVE-2022-0976: Heap buffer overflow in GPU
CVE-2022-0104: Heap buffer overflow in ANGLE
CVE-2022-0103: Use after free in SwiftShader
-
2021
CVE-2021-4101: Heap buffer overflow in SwiftShader
CVE-2021-4058: Heap buffer overflow in ANGLE
CVE-2021-23994: Out of bound write due to lazy initialization
CVE-2021-23981: Texture upload into an unbound backing buffer resulted in an out-of-bound read
CVE-2021-21233: Heap buffer overflow in ANGLE
-
2020
CVE-2020-16048: Buffer overflow in depth pitch calculations for compressed textures
CVE-2020-26971: Heap buffer overflow in WebGL
-
2018
Google Chrome – Texture11 Memory Corruption in ANGLE (CVE-2018-17466)
Google Chrome – Stack buffer overflow in SwiftShader (CVE-2018-16082)
Google Chrome – Heap buffer overflow in WebGL TexImage3D (CVE-2018-6162)
Google Chrome – Heap buffer overflow in WebGL FreeIds (CVE-2018-6154)
Microsoft Edge Memory Corruption Vulnerability (CVE-2018-8387)
Microsoft Edge Memory Corruption Vulnerability (CVE-2018-8262)
Apple Safari – Memory Corruption in WebKit WebGL (CVE-2018-4261)
Microsoft Excel Information Disclosure – Formula Record (CVE-2018-8163)
Microsoft Excel Remote Code Execution – Formula Record (CVE-2018-8162)
Apple Safari – Memory Corruption in WebKit WebGL (CVE-2018-4130)
Microsoft Excel Remote Code Execution Vulnerability (CVE-2018-0796)
Google Chrome – Use after free in Blink (CVE-2018-6060)
Google Chrome – Heap buffer overflow in WebGL (CVE-2018-6073)
-
2017
Mozilla Firefox – Buffer overflow when drawing and validating elements with ANGLE library using Direct 3D 9 (CVE-2017-7845)
Microsoft Edge – Information Disclosure Vulnerability (CVE-2017-11844)
Microsoft Edge – Memory Corruption Vulnerability (CVE-2017-11845)
Google Chrome – Use after free in WebAudio (CVE-2017-5129)
Google Chrome – Heap overflow in WebGL (CVE-2017-5128)
Firefox – Buffer overflow when drawing and validating elements with ANGLE (CVE-2017-7824)
-
2015
Google Chrome – Out of bounds read in WebGL (CVE-2015-1240)
Internet Explorer 11 – CSVGMarkerElement Use-After-Free (CVE-2015-1668)
Internet Explorer 11 – SVG Marker Use-After-Free (CVE-2015-0043)
Internet Explorer 11 – SVG Marker Use-After-Free (CVE-2015-0042)
-
2014
Internet Explorer 11 – Cell Resizing (CVE-2014-4128)
Internet Explorer 11 – CSVGSVGElement Use-After-Free (CVE-2014-6354)
Internet Explorer 11 – CElement (CVE-2014-4145)
Internet Explorer 11 – first-letter Use-After-Free (CVE-2014-4050)
Internet Explorer 11 – Memory Corruption (CVE-2014-1772)
Internet Explorer 11 – Microsoft IE CSS Property / Unicode Character Handling Heap Buffer Overflow (CVE-2014-0313)
Microsoft Windows Direct2D Crafted 2D Geometric Figure Handling Memory Corruption (CVE-2014-0263)
-
2013
Internet Explorer 10 – CElement Use-After-Free (CVE-2013-3150)
Internet Explorer 10 – CTreePos Use-After-Free (CVE-2013-3125)
Internet Explorer 10 – SmartDispClient Type Confusion (CVE-2013-3124)
Internet Explorer 10 – CSVGMaskElement Double-Free (CVE-2013-3118)
Internet Explorer 10 – LsGetTrailInfo (CVE-2013-0022)
Internet Explorer 10 – SetCapture (CVE-2013-0018)
-
2012
Internet Explorer 9 – CFormElement (CVE-2012-1538)
Internet Explorer 9 – Attribute Remove (CVE-2012-1524)
GDI+ Record Type Vulnerability (CVE-2012-0165)
Excel SXLI Record Memory Corruption Vulnerability (CVE-2012-0184)
Excel File Format Memory Corruption in OBJECTLINK Record Vulnerability (CVE-2012-0142)
Excel File Format Memory Corruption Vulnerability (CVE-2012-0141)
Google Chrome – Memory corruption in Skia (CVE-2011-3065)
-
2011
Excel Out of Bounds Array Indexing Vulnerability (CVE-2011-1990)
RealPlayer SIPR Heap Buffer Overflow Vulnerability (CVE-2011-2945)
Excel Out of Bounds Array Access Vulnerability (CVE-2011-1274)
Excel Memory Corruption Vulnerability (CVE-2011-1277)
-
2010
Excel File Format Parsing Vulnerability (CVE-2010-3232)
RealPlayer RealMedia Memory Heap Corruption Vulnerability (CVE-2010-4386)
RealPlayer RealAudio Codec Memory Corruption Vulnerability (CVE-2010-4387)