New issue
Advanced search Search tips
ListGrid
Loading...
  ID Type  Status  Priority  Milestone  Owner  Summary + Labels ...
  96 ---- Fixed ---- ---- cevans@google.com glibc off-by-one NUL byte heap overflow in gconv_translit_find CCProjectZeroMembers  
  122 ---- Fixed ---- ---- cevans@google.com Flash memory corruption in the G711 codec with 4-byte samples CCProjectZeroMembers  
  124 ---- Fixed ---- ---- cevans@google.com Flash memory corruption when upper casing malformed Unicode CCProjectZeroMembers  
  125 ---- Fixed ---- ---- cevans@google.com Flash corruption after corrupting pre-validated bytecode CCProjectZeroMembers  
  131 ---- Fixed ---- ---- cevans@google.com Flash write crash at NULL + 0x2b288 (on 64-bit) CCProjectZeroMembers  
  405 ---- Fixed ---- ---- taviso@google.com Linux: fuse privilege escalation CCProjectZeroMembers  
  411 ---- Fixed ---- ---- cevans@google.com Linux: privilege escalations via crash analysis frameworks (apport, abrt) CCProjectZeroMembers  
  412 ---- Fixed ---- ---- cevans@google.com Linux: NetworkManager authorization problem with modem config files and arbitrary file read CCProjectZeroMembers  
  413 ---- Fixed ---- ---- cevans@google.com Linux: missing authentication check in usb-creator leads to local privilege escalation CCProjectZeroMembers  
  456 ---- Fixed ---- ---- taviso@google.com ESET Emulation Vulnerability CCProjectZeroMembers  
  466 ---- Fixed ---- ---- hawkes@google.com ESET NOD32 Heap overflow unpacking EPOC installation files. CCProjectZeroMembers  
  470 ---- Fixed ---- ---- cevans@google.com ESET NOD32 emulator fails if you modify .idata after imports CCProjectZeroMembers  
  518 ---- Fixed ---- ---- taviso@google.com Kaspersky Antivirus ThinApp parser stack buffer overflow CCProjectZeroMembers  
  519 ---- Fixed ---- ---- taviso@google.com Kaspersky Antivirus DEX file format parsing memory corruption CCProjectZeroMembers  
  520 ---- Fixed ---- ---- taviso@google.com Kaspersky Antivirus RAR file format parsing memory corruption CCProjectZeroMembers  
  521 ---- Fixed ---- ---- taviso@google.com Kaspersky Antivirus ZIP file format use after free vulnerability CCProjectZeroMembers  
  522 ---- Fixed ---- ---- taviso@google.com Kaspersky Antivirus VB6 parsing integer overflow CCProjectZeroMembers  
  524 ---- Fixed ---- ---- taviso@google.com Kaspersky Antivirus CHM parsing remote stack buffer overflow CCProjectZeroMembers  
  525 ---- Fixed ---- ---- taviso@google.com Kaspersky Antivirus ExeCryptor parsing memory corruption CCProjectZeroMembers  
  526 ---- Fixed ---- ---- taviso@google.com Kaspersky Antivirus PE unpacking integer overflow CCProjectZeroMembers  
  527 ---- Fixed ---- ---- taviso@google.com Kaspersky Antivirus UPX parsing remote memory corruption CCProjectZeroMembers  
  528 ---- Fixed ---- ---- taviso@google.com Kaspersky Antivirus "Yoda's Protector" unpacking remote memory corruption CCProjectZeroMembers  
  529 ---- Fixed ---- ---- taviso@google.com Kaspersky Antivirus DEX file format memory corruption CCProjectZeroMembers  
  532 ---- Fixed ---- ---- taviso@google.com Kaspersky Antivirus Virtual Keyboard GetGraphics() Path Traversal CCProjectZeroMembers  
  535 ---- Fixed ---- ---- taviso@google.com Kaspersky Antivirus incorrect %PROGRAMDATA% ACL CCProjectZeroMembers  
  536 ---- Fixed ---- ---- taviso@google.com Kaspersky Antivirus multiple memory corruption issues CCProjectZeroMembers  
  539 ---- Fixed ---- ---- taviso@google.com Kaspersky Antivirus Certificate handling path traversal CCProjectZeroMembers  
  546 ---- Fixed ---- ---- taviso@google.com Avast Antivirus: X.509 Error Rendering Command Execution CCProjectZeroMembers  
  549 ---- Fixed ---- ---- taviso@google.com Avast: integer overflow verifying numFonts in TTC Header CCProjectZeroMembers  
  550 ---- Fixed ---- ---- taviso@google.com Rar: CmdExtract::UnstoreFile integer truncation memory corruption CCProjectZeroMembers  
  551 ---- Fixed ---- ---- taviso@google.com Avast: JetDb::IsExploited4x performs unbounded search on input CCProjectZeroMembers  
  552 ---- Fixed ---- ---- taviso@google.com Avast: heap overflow unpacking MoleBox archives CCProjectZeroMembers  
  554 ---- Fixed ---- ---- taviso@google.com Avast: OOB write decrypting PEncrypt packed executables CCProjectZeroMembers  
  564 ---- Fixed ---- ---- taviso@google.com Kaspersky Internet Security: Network Attack Blocker Design Flaw CCProjectZeroMembers  
  575 ---- Fixed ---- ---- taviso@google.com Avast: stack buffer overflow, strncpy length discarded CCProjectZeroMembers  
  666 ---- Fixed ---- ---- taviso@google.com FireEye: Wormable Remote Code Execution in MIP JAR Analysis CCProjectZeroMembers  
  668 ---- Fixed ---- ---- taviso@google.com Avast: authenticode parsing memory corruption CCProjectZeroMembers  
  670 ---- Fixed ---- ---- taviso@google.com FireEye: Privilege Escalation to root from Malware Input Processor (uid=mip) CCProjectZeroMembers  
  675 ---- Fixed ---- ---- taviso@google.com AVG: "Web TuneUP" extension multiple critical vulnerabilities CCProjectZeroMembers  
  679 ---- Fixed ---- ---- taviso@google.com Avast: A web-accessible RPC endpoint can launch "SafeZone" (also called Avastium), a Chromium fork with critical security checks removed. CCProjectZeroMembers  
  693 ---- Fixed ---- ---- taviso@google.com TrendMicro node.js HTTP server listening on localhost can execute commands CCProjectZeroMembers  
  700 ---- Fixed ---- ---- taviso@google.com Avast: Sandbox/Autosandbox Message Filtering Vulnerable to MS13-005 CCProjectZeroMembers  
  703 ---- Fixed ---- ---- taviso@google.com Comodo: Comodo Internet Security installs and starts a VNC server by default CCProjectZeroMembers  
  704 ---- Fixed ---- ---- taviso@google.com Comodo: Comodo "Chromodo" Browser disables same origin policy, Effectively turning off web security. CCProjectZeroMembers  
  713 ---- Fixed ---- ---- taviso@google.com Comodo: Comodo "Chromodo" Browser disables same origin policy, Effectively turning off web security. CCProjectZeroMembers  
  714 ---- Fixed ---- ---- taviso@google.com MalwareBytes: multiple security issues CCProjectZeroMembers  
  737 ---- Fixed ---- ---- taviso@google.com Comodo Antivirus Heap Overflow in LZX Decompression CCProjectZeroMembers  
  738 ---- Fixed ---- ---- taviso@google.com Comodo: Integer Overflow leading to Heap Overflow in Win32 emulation CCProjectZeroMembers  
  753 ---- Fixed ---- ---- taviso@google.com Comodo Antivirus: Emulator Stack Buffer Overflow handling PSUBUSB (Packed Subtract Unsigned with Saturation) CCProjectZeroMembers  
  762 ---- Fixed ---- ---- taviso@google.com Comodo: Integer Overlow Leading to Heap Overflow Parsing Composite Documents CCProjectZeroMembers  
  763 ---- Fixed ---- ---- taviso@google.com Comodo: LZMA Decoder Performs Insufficient Parameter Checks, Resulting in Heap Overflow CCProjectZeroMembers  
  764 ---- Fixed ---- ---- taviso@google.com Comodo: PackMan unpacker insufficient parameter validation CCProjectZeroMembers  
  765 ---- Fixed ---- ---- taviso@google.com Avira: Heap underflow parsing PE section headers CCProjectZeroMembers  
  769 ---- Fixed ---- ---- taviso@google.com Comodo: Comodo Antivirus Forwards Emulated API calls to the Real API during scans CCProjectZeroMembers  
  773 ---- Fixed ---- ---- taviso@google.com TrendMicro: A remote debugger stub is listening in default install  
  775 ---- Fixed ---- ---- taviso@google.com TrendMicro: Multiple HTTP problems with CoreServiceShell.exe CCProjectZeroMembers  
  810 ---- Fixed ---- ---- taviso@google.com Symantec Antivirus multiple remote memory corruption unpacking RAR CVE-2016-2207 CCProjectZeroMembers  
  814 ---- Fixed ---- ---- taviso@google.com Symantec: Remote Stack Buffer Overflow in dec2lha library CVE-2016-2210 CCProjectZeroMembers  
  816 ---- Fixed ---- ---- taviso@google.com Symantec: Symantec Antivirus multiple remote memory corruption unpacking MSPACK Archives CVE-2016-2211 CCProjectZeroMembers  
  817 ---- Fixed ---- ---- taviso@google.com McAfee: memory corruption processing relocations CCProjectZeroMembers  
  818 ---- Fixed ---- ---- taviso@google.com Symantec: Heap overflow modifying MIME messages CVE-2016-3644 CCProjectZeroMembers  
  819 ---- Fixed ---- ---- taviso@google.com Symantec: Integer Overflow in TNEF decoder CVE-2016-3645 CCProjectZeroMembers  
  820 ---- Fixed ---- ---- taviso@google.com Symantec/Norton Antivirus ASPack Remote Heap/Pool memory corruption Vulnerability CVE-2016-2208 CCProjectZeroMembers  
  821 ---- Fixed ---- ---- taviso@google.com Symantec: missing bounds checks in dec2zip ALPkOldFormatDecompressor::UnShrink CVE-2016 -3646 CCProjectZeroMembers  
  823 ---- Fixed ---- ---- taviso@google.com Symantec: PowerPoint misaligned stream-cache remote stack buffer overflow CVE-2016-2209 CCProjectZeroMembers  
  867 ---- Fixed ---- ---- taviso@google.com Symantec: more issues with outdated rar decomposer CCProjectZeroMembers  
  884 ---- Fixed ---- ---- taviso@google.com LastPass: design flaw in communication between privileged and unprivileged components  
  886 ---- Fixed ---- ---- natashenka@google.com Adobe Flash: Overflow in Rastering CCProjectZeroMembers  
  888 ---- Fixed ---- ---- taviso@google.com 1Password: Process Authentication Breaks Local Security CCProjectZeroMembers  
  890 ---- Fixed ---- ---- taviso@google.com Dashlane: universal XSS in doOnboardingSiteStep API CCProjectZeroMembers  
  908 ---- Fixed ---- ---- taviso@google.com Palo Alto Networks PanOS: appweb3 stack buffer overflow CCProjectZeroMembers  
  912 ---- Fixed ---- ---- taviso@google.com Palo Alto Networks PanOS: root_trace local privilege escalation CCProjectZeroMembers  
  913 ---- Fixed ---- ---- taviso@google.com Palo Alto Networks PanOS: root_reboot local privilege escalation CCProjectZeroMembers  
  917 ---- Fixed ---- ---- taviso@google.com Keeper: Trusted UI is injected into untrusted webpage  
  956 ---- Fixed ---- ---- taviso@google.com ghostscript: -dSAFER stopped working CCProjectZeroMembers  
  978 ---- Fixed ---- ---- taviso@google.com Kaspersky: SSL interception differentiates certificates with a 32bit hash CCProjectZeroMembers  
  989 ---- Fixed ---- ---- taviso@google.com Kaspersky: Local CA root is incorrectly protected CCProjectZeroMembers  
  1088 ---- Fixed ---- ---- taviso@google.com Adobe: Adobe Acrobat Force-Installed Vulnerable Chrome Extension CCProjectZeroMembers  
  1089 ---- WontFix ---- ---- taviso@google.com Nintendo: 3DS DNS Client Resolver Library Uses Predictable TXID CCProjectZeroMembers  
  1096 ---- Fixed ---- ---- taviso@google.com Cisco: Magic WebEx URL Allows Arbitrary Remote Command Execution CCProjectZeroMembers  
  1100 ---- Fixed ---- ---- taviso@google.com Cisco: WebEx: New Arbitrary Command Execution in 1.0.5 via Module Whitelist Bypass CCProjectZeroMembers  
  1139 ---- Fixed ---- ---- taviso@google.com cloudflare: Cloudflare Reverse Proxies are Dumping Uninitialized Memory CCProjectZeroMembers  
  1188 ---- Fixed ---- ---- taviso@google.com LastPass: domain regex doesn't handle data and other pseudo-url schemes CCProjectZeroMembers  
  1209 ---- Fixed ---- ---- taviso@google.com LastPass: websiteConnector.js content script allows proxying internal RPC commands CCProjectZeroMembers  
  1217 ---- Fixed ---- ---- taviso@google.com LastPass: FireFox error pages still load Content Scripts, allowing access to ExtensionProxyService CCProjectZeroMembers  
  1225 ---- Fixed ---- ---- taviso@google.com LastPass: global properties can be modified across isolated worlds, allowing remote code execution CCProjectZeroMembers  
  1248 ---- Fixed ---- ---- taviso@google.com MsMpEng: UIF decoder will spin forever processing sparse blocks CCProjectZeroMembers  
  1252 ---- Fixed ---- ---- taviso@google.com MsMpEng: Remotely Exploitable Type Confusion in Windows 8, 8.1, 10, Windows Server, SCEP, Microsoft Security Essentials, and more. CCProjectZeroMembers  
  1260 ---- Fixed ---- ---- taviso@google.com MsMpEng: Multiple problems handling ntdll!NtControlChannel commands CCProjectZeroMembers  
  1282 ---- Fixed ---- ---- taviso@google.com MsMpEng: mpengine x86 Emulator Heap Corruption in VFS API CCProjectZeroMembers  
  1324 ---- Fixed ---- ---- taviso@google.com Cisco: WebEx Various GPC Sanitization bypasses permit Arbitrary Remote Command Execution CCProjectZeroMembers