<!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1"><!-- Begin Jekyll SEO tag v2.8.0 --> <title>Root Cause Analyses | 0-days In-the-Wild</title> <meta name="generator" content="Jekyll v3.10.0" /> <meta property="og:title" content="Root Cause Analyses" /> <meta name="author" content="Google Project Zero" /> <meta property="og:locale" content="en_US" /> <meta name="description" content="Information about 0-days exploited in-the-wild!" /> <meta property="og:description" content="Information about 0-days exploited in-the-wild!" /> <link rel="canonical" href="https://googleprojectzero.github.io/0days-in-the-wild/0days-in-the-wild/rca.html" /> <meta property="og:url" content="https://googleprojectzero.github.io/0days-in-the-wild/0days-in-the-wild/rca.html" /> <meta property="og:site_name" content="0-days In-the-Wild" /> <meta property="og:type" content="website" /> <meta name="twitter:card" content="summary" /> <meta property="twitter:title" content="Root Cause Analyses" /> <script type="application/ld+json"> {"@context":"https://schema.org","@type":"WebPage","author":{"@type":"Person","name":"Google Project Zero"},"description":"Information about 0-days exploited in-the-wild!","headline":"Root Cause Analyses","url":"https://googleprojectzero.github.io/0days-in-the-wild/0days-in-the-wild/rca.html"}</script> <!-- End Jekyll SEO tag --> <link rel="stylesheet" href="/0days-in-the-wild/assets/main.css"> <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto|Source+Code+Pro"> <link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.0.7/css/all.css"><link type="application/atom+xml" rel="alternate" href="https://googleprojectzero.github.io/0days-in-the-wild/0days-in-the-wild/feed.xml" title="0-days In-the-Wild" /></head> <body><header class="site-header"> <div class="wrapper"> <a class="site-title" rel="author" 
href="/0days-in-the-wild/">0-days In-the-Wild</a> <nav class="site-nav"> <input type="checkbox" id="nav-trigger" class="nav-trigger" /> <label for="nav-trigger"> <span class="menu-icon"> <svg viewBox="0 0 18 15" width="18px" height="15px"> <path d="M18,1.484c0,0.82-0.665,1.484-1.484,1.484H1.484C0.665,2.969,0,2.304,0,1.484l0,0C0,0.665,0.665,0,1.484,0 h15.032C17.335,0,18,0.665,18,1.484L18,1.484z M18,7.516C18,8.335,17.335,9,16.516,9H1.484C0.665,9,0,8.335,0,7.516l0,0 c0-0.82,0.665-1.484,1.484-1.484h15.032C17.335,6.031,18,6.696,18,7.516L18,7.516z M18,13.516C18,14.335,17.335,15,16.516,15H1.484 C0.665,15,0,14.335,0,13.516l0,0c0-0.82,0.665-1.483,1.484-1.483h15.032C17.335,12.031,18,12.695,18,13.516L18,13.516z"/> </svg> </span> </label> <div class="trigger"> <a href="https://googleprojectzero.github.io/0days-in-the-wild/rca.html" class="page-link">Root Cause Analyses</a> <a href="https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY" class="page-link">Tracking Sheet</a> <a href="https://googleprojectzero.github.io/0days-in-the-wild/contributing.html" class="page-link">Contributing</a> <a href="https://googleprojectzero.github.io/0days-in-the-wild/about.html" class="page-link">About</a> <a href="https://googleprojectzero.blogspot.com/" class="menu-link" target="_blank"><i class="fab fa-blogger"></i></a> <a href="https://bugs.chromium.org/p/project-zero/issues/list" class="menu-link" target="_blank"><i class="fas fa-bug"></i></a> <a href="https://github.com/googleprojectzero/0days-in-the-wild" class="menu-link" target="_blank"><i class="fab fa-github"></i></a> <a href="mailto:0day-in-the-wild@google.com" class="menu-link" target="_blank"><i class="fas fa-envelope"></i></a> </div> </nav> </div> </header> <main class="page-content" aria-label="Content"> <div class="wrapper"> <article class="post"> <header class="post-header"> <h1 class="post-title">Root Cause Analyses</h1> </header> <div class="post-content"> <p><em>Originally published by Maddie 
Stone on the <a href="https://googleprojectzero.blogspot.com/">Google Project Zero blog</a> on 27 July 2020</em></p> <p>In 2019, Project Zero began a program to systematically study 0-day exploits that are used in the wild. It’s another way we’re trying to make 0-day hard. We published our <a href="https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/">tracking spreadsheet</a> for recording publicly known cases of detected 0-day exploits. Today we’re beginning to share the root cause analyses we perform on these detected 0-day exploits. To better understand our approach and reasoning behind these analyses, please read <a href="https://googleprojectzero.blogspot.com/2020/07/root-cause-analyses-for-0-day-in-wild.html">this blog post</a>.</p> <p>We will continue to publish new root cause analyses as they are completed, hopefully in a very timely manner. We hope other researchers who detect and/or analyze 0-day exploits will also publish this information to better inform actions and decision making in the security and tech communities. The template that we use is available <a href="https://raw.githubusercontent.com/googleprojectzero/0days-in-the-wild/main/0day-RCAs/template.md">here</a>. We welcome pull requests!</p> <p>Our goal is that this information helps the security and technical communities. 
Please <a href="mailto:0day-in-the-wild@google.com">reach out</a> with any feedback or suggestions.</p> <style> table { border-collapse: collapse; border-spacing: 0; border: 1px solid #ddd; } th, td { text-align: left; padding: 4px; height: 10px; overflow:hidden; width: 200px; white-space: nowrap; } tr:nth-child(even){background-color: #f2f2f2} tr:hover{background-color: #f5f5f5} </style> <br/> <table> <tr> <th>CVE</th> <th>Link</th> </tr><tr> <td>CVE-2019-11707: IonMonkey Type Confusion in Array.Pop</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2019/CVE-2019-11707.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2019-1367: Internet Explorer JScript use-after-free</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2019/CVE-2019-1367.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2019-13720: Chrome use-after-free in webaudio</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2019/CVE-2019-13720.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2019-1458: Windows win32k uninitialized variable in task switching</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2019/CVE-2019-1458.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2019-2215: Android use-after-free in Binder</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2019/CVE-2019-2215.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2019-7286: iOS use-after-free in cfprefsd</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2019/CVE-2019-7286.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2019-7287: iOS Buffer Overflow in ProvInfoIOKitUserClient</td> <td><a 
href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2019/CVE-2019-7287.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2019-17026: Firefox Type Confusion in IonMonkey</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2020/CVE-2019-17026.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2020-0674: Internet Explorer use-after-free in JScript</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2020/CVE-2020-0674.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2020-0938: Windows Font Driver Type 1 BlendDesignPositions stack corruption</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2020/CVE-2020-0938.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2020-0986: Windows splwow64 Untrusted Pointer Dereference</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2020/CVE-2020-0986.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2020-1020: Windows Font Driver Type 1 VToHOrigin stack corruption</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2020/CVE-2020-1020.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2020-1027: Windows buffer overflow in CSRSS</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2020/CVE-2020-1027.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2020-1380: Internet Explorer JScript9 Use-after-Free</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2020/CVE-2020-1380.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2020-15999: FreeType Heap Buffer Overflow in Load_SBit_Png</td> <td><a 
href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2020/CVE-2020-15999.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2020-16009: Chrome Turbofan Type Confusion after Map Deprecation</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2020/CVE-2020-16009.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2020-16010: Chrome for Android ConvertToJavaBitmap Heap Buffer Overflow</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2020/CVE-2020-16010.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2020-17087: Windows pool buffer overflow in cng.sys IOCTL</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2020/CVE-2020-17087.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2020-27930: Safari RCE in Type 1 fonts handled by libType1Scaler.dylib</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2020/CVE-2020-27930.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2020-27932: iOS Kernel privesc with turnstiles</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2020/CVE-2020-27932.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2020-27950: XNU Kernel Memory Disclosure in Mach Message Trailers</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2020/CVE-2020-27950.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2020-6418: Chrome incorrect side-effect modelling issue in Turbofan leading to type confusions</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2020/CVE-2020-6418.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> 
<td>CVE-2020-6572: Chrome MediaCodecAudioDecoder Sandbox Escape</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2020/CVE-2020-6572.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2020-6820: Firefox use-after-free in Cache</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2020/CVE-2020-6820.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2021-0920: Android sk_buff use-after-free in Linux</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-0920.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2021-1048: Android kernel refcount increment on mid-destruction file</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-1048.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2021-1647: Windows Defender mpengine remote code execution</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-1647.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2021-1732: Windows win32k flag setting out of sync in xxCreateWindowEx</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-1732.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2021-1879: Use-After-Free in QuickTimePluginReplacement</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-1879.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2021-1905: Qualcomm Adreno GPU memory mapping use-after-free</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-1905.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> 
</tr><tr> <td>CVE-2021-21166: Chrome Object Lifecycle Issue in Audio</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-21166.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2021-21206: Chrome Use-After-Free in Animations</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-21206.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2021-25337: Samsung file system r/w in clipboard provider</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-25337.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2021-25369: Samsung kernel info leak in sec_log</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-25369.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2021-26411: Internet Explorer MSHTML Double-Free</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-26411.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2021-26855: Microsoft Exchange Server-Side Request Forgery</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-26855.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2021-30551: Chrome Type Confusion in V8</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-30551.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2021-30632: Chrome Turbofan Type confusion in Global property access</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-30632.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2021-30858: 
WebKit use-after-free in IndexedDB</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-30858.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2021-33742: Internet Explorer out-of-bounds write in MSHTML</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-33742.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2021-37975: Chrome v8 garbage collector logic bug causing live objects to be collected</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-37975.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2021-38000: Chrome Intents Logic Flaw</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-38000.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2022-22706 / CVE-2021-39793: Mali GPU driver makes read-only imported pages host-writable</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-39793.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2021-4102: Chrome incorrect node elision in Turbofan leads to unexpected WriteBarrier elision</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-4102.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2022-1096: Chrome Type Confusion in Property Access Interceptor</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2022/CVE-2022-1096.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2022-1364: Inconsistent Object Materialization in V8</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2022/CVE-2022-1364.html" target="_blank"><i 
class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2022-21882: Win32k Window Object Type Confusion</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2022/CVE-2022-21882.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2022-22265: Samsung NPU device driver double free in Android</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2022/CVE-2022-22265.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2022-22620: Use-after-free in Safari</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2022/CVE-2022-22620.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2022-22675: AppleAVD Overflow in AVC_RBSP::parseHRD</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2022/CVE-2022-22675.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2022-2294: Heap buffer overflow in WebRTC</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2022/CVE-2022-2294.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2022-24521: Windows Common Log File System (CLFS) Logical-Error Vulnerability</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2022/CVE-2022-24521.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2022-32917: AppleSPU out of bounds write</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2022/CVE-2022-32917.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2022-3723: Logic Issue in Turbofan JIT Compiler</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2022/CVE-2022-3723.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> 
</tr><tr> <td>CVE-2022-41033: Type confusion in Windows COM+ Event System Service</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2022/CVE-2022-41033.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2022-41073: Windows Activation Contexts EoP</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2022/CVE-2022-41073.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2022-41128: Type confusion in Internet Explorer's JScript9 engine</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2022/CVE-2022-41128.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2022-4135: Chrome heap buffer overflow in validating command decoder</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2022/CVE-2022-4135.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2022-4262: Incorrect Bytecode Generation by JavaScript Parser</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2022/CVE-2022-4262.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2023-20963: Android: mismatching parcel/unparcel logic for WorkSource</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2023/CVE-2023-20963.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2023-26369: Adobe Acrobat PDF Reader RCE when processing TTF fonts</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2023/CVE-2023-26369.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2023-28252: Windows Common Log File System Driver Elevation of Privilege Vulnerability</td> <td><a 
href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2023/CVE-2023-28252.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2023-33106: Qualcomm Adreno GPU KGSL_GPU_AUX_COMMAND_SYNC OOB</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2023/CVE-2023-33106.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2023-33107: Qualcomm Adreno GPU KGSL_IOCTL_GPUOBJ_IMPORT integer overflow</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2023/CVE-2023-33107.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2023-36033: Windows DWM Core Library Elevation of Privilege Vulnerability</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2023/CVE-2023-36033.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2023-36802: Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2023/CVE-2023-36802.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2023-38831: RARLAB WinRAR Code Execution Vulnerability</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2023/CVE-2023-38831.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2023-4211: Use-after-Free in ARM Mali GPU Driver</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2023/CVE-2023-4211.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>CVE-2023-6345: Integer overflow in Skia MeshOp::onCombineIfPossible</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2023/CVE-2023-6345.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> 
<td>CVE-2024-44068: Samsung m2m1shot_scaler0 device driver page use-after-free in Android</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2024/CVE-2024-44068.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr><tr> <td>0-day Root Cause Analysis Template</td> <td><a href="https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/template.html" target="_blank"><i class="fas fa-external-link-alt"></i></a></td> </tr></table> </div> </article> </div> </main><footer class="site-footer h-card"> <data class="u-url" href="/0days-in-the-wild/"></data> <div class="wrapper"> <h2 class="footer-heading">0-days In-the-Wild</h2> <div class="footer-col-wrapper"> <div class="footer-col footer-col-1"> <ul class="contact-list"> <li class="p-name">Google Project Zero</li><li><a class="u-email" href="mailto:0day-in-the-wild@google.com">0day-in-the-wild@google.com</a></li></ul> </div> <div class="footer-col footer-col-2"><ul class="social-media-list"><li><a href="https://github.com/googleprojectzero"><svg class="svg-icon"><use xlink:href="/0days-in-the-wild/assets/minima-social-icons.svg#github"></use></svg> <span class="username">googleprojectzero</span></a></li></ul> </div> <div class="footer-col footer-col-3"> <p>Information about 0-days exploited in-the-wild!</p> </div> </div> </div> </footer> </body> </html>