all InfoSec news
Getting RCE in Chrome with incomplete object initialization in the Maglev compiler
Oct. 17, 2023, 3 p.m. | Man Yue Mo
The GitHub Blog: Security News and Updates github.blog
In this post, I'll exploit CVE-2023-4069, a type confusion in Chrome that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site.
The post Getting RCE in Chrome with incomplete object initialization in the Maglev compiler appeared first on The GitHub Blog.
chrome code code execution compiler cve exploit exploit development github security lab malicious object rce remote code remote code execution sandbox security single type confusion
More from github.blog / The GitHub Blog: Security News and Updates
Introducing Artifact Attestations–now in public beta
4 weeks, 2 days ago |
github.blog
Securing millions of developers through 2FA
1 month, 1 week ago |
github.blog
Gaining kernel code execution on an MTE-enabled Pixel 8
2 months, 2 weeks ago |
github.blog
Keeping secrets out of public repositories
3 months ago |
github.blog
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Corporate Intern - Information Security (Year Round)
@ Associated Bank | US WI Remote
Senior Offensive Security Engineer
@ CoStar Group | US-DC Washington, DC