all InfoSec news
Getting RCE in Chrome with incorrect side effect in the JIT compiler
Sept. 26, 2023, 3 p.m. | Man Yue Mo
The GitHub Blog: Security News and Updates github.blog
In this post, I'll exploit CVE-2023-3420, a type confusion in Chrome that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site.
The post Getting RCE in Chrome with incorrect side effect in the JIT compiler appeared first on The GitHub Blog.
chrome code code execution compiler cve exploit exploit development github security lab jit malicious rce remote code remote code execution sandbox security single type confusion
More from github.blog / The GitHub Blog: Security News and Updates
Where does your software (really) come from?
2 days, 3 hours ago |
github.blog
CodeQL zero to hero part 3: Security research with CodeQL
3 days, 11 hours ago |
github.blog
Securing millions of developers through 2FA
1 week, 1 day ago |
github.blog
Gaining kernel code execution on an MTE-enabled Pixel 8
1 month, 2 weeks ago |
github.blog
Keeping secrets out of public repositories
2 months ago |
github.blog
Build code security skills with the GitHub Secure Code Game
2 months, 2 weeks ago |
github.blog
Jobs in InfoSec / Cybersecurity
Social Engineer For Reverse Engineering Exploit Study
@ Independent study | Remote
DevSecOps Engineer
@ LinQuest | Beavercreek, Ohio, United States
Senior Developer, Vulnerability Collections (Contractor)
@ SecurityScorecard | Remote (Turkey or Latin America)
Cyber Security Intern 03416 NWSOL
@ North Wind Group | RICHLAND, WA
Senior Cybersecurity Process Engineer
@ Peraton | Fort Meade, MD, United States
Sr. Manager, Cybersecurity and Info Security
@ AESC | Smyrna, TN 37167, Smyrna, TN, US | Santa Clara, CA 95054, Santa Clara, CA, US | Florence, SC 29501, Florence, SC, US | Bowling Green, KY 42101, Bowling Green, KY, US