Google Security Research

1,215 exploits Active since May 2013
EIP-2026-103491 EXPLOITDB html WORKING POC
Google Chrome 73.0.3683.103 - 'WasmMemoryObject::Grow' Use-After-Free
EIP-2026-103490 EXPLOITDB text WRITEUP
Google Chrome 72.0.3626.81 - 'V8TrustedTypePolicyOptions::ToImpl' Type Confusion
EIP-2026-103486 EXPLOITDB text WORKING POC
Google Chrome - Swiftshader Texture Allocation Integer Overflow
EIP-2026-103485 EXPLOITDB html WRITEUP
Google Chrome - SwiftShader OpenGL Texture Bindings Reference Count Leak
EIP-2026-103484 EXPLOITDB html WORKING POC
Google Chrome - Swiftshader Blitting Floating-Point Precision Errors
CVE-2015-8664 EXPLOITDB HIGH text WORKING POC
Google Chrome < 47.0.2526.80 - Numeric Error
Integer overflow in the WebCursor::Deserialize function in content/common/cursors/webcursor.cc in Google Chrome before 47.0.2526.106 allows remote attackers to cause a denial of service or possibly have unspecified other impact via an RGBA pixel array with crafted dimensions, a different vulnerability than CVE-2015-6792.
CVSS 8.8
EIP-2026-103482 EXPLOITDB text WORKING POC
Google Chrome - Out-of-Bounds Access in RegExp Stubs
CVE-2018-6092 EXPLOITDB HIGH javascript WORKING POC
Google Chrome <66.0.3359.117 - RCE
An integer overflow on 32-bit systems in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
CVSS 8.8
EIP-2026-103480 EXPLOITDB html WORKING POC
Google Chrome - 'layout' Out-of-Bounds Read
EIP-2026-103479 EXPLOITDB html WORKING POC
Google Chrome - 'HTMLKeygenElement::shadowSelect()' Type Confusion
EIP-2026-103473 EXPLOITDB text WORKING POC
FreeType 2.6.1 - TrueType tt_sbit_decoder_load_bit_aligned Heap Out-of-Bounds Read
CVE-2017-14493 EXPLOITDB CRITICAL python WORKING POC
dnsmasq <2.78 - Buffer Overflow
Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.
CVSS 9.8
CVE-2017-14495 EXPLOITDB HIGH python WORKING POC
dnsmasq <2.78 - DoS
Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation.
CVSS 7.5
CVE-2017-14496 EXPLOITDB HIGH python WORKING POC
dnsmasq <2.78 - DoS
Integer underflow in the add_pseudoheader function in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.
CVSS 7.5
CVE-2017-14494 EXPLOITDB MEDIUM python WORKING POC
dnsmasq <2.78 - Info Disclosure
dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.
CVSS 5.9
CVE-2017-14492 EXPLOITDB CRITICAL python WORKING POC
dnsmasq <2.78 - Buffer Overflow
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.
CVSS 9.8
CVE-2017-14491 EXPLOITDB CRITICAL python WORKING POC
dnsmasq <2.78 - Buffer Overflow
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.
CVSS 9.8
EIP-2026-103440 EXPLOITDB javascript WORKING POC
Chrome V8 JIT - Simplified-lowererer IrOpcode::kStoreField_ IrOpcode::kStoreElement Optimization Bug
EIP-2026-103439 EXPLOITDB javascript WORKING POC
Chrome V8 JIT - JSBuiltinReducer::ReduceObjectCreate Fails to Ensure that the Prototype is _null_
EIP-2026-103438 EXPLOITDB javascript WORKING POC
Chrome V8 JIT - Empty BytecodeJumpTable Out-of-Bounds Read
EIP-2026-103437 EXPLOITDB javascript WORKING POC
Chrome V8 JIT - Arrow Function Scope Fixing Bug
EIP-2026-103436 EXPLOITDB javascript WORKING POC
Chrome V8 JIT - 'NodeProperties::InferReceiverMaps' Type Confusion
EIP-2026-103435 EXPLOITDB javascript WORKING POC
Chrome V8 JIT - 'GetSpecializationContext' Type Confusion
EIP-2026-103434 EXPLOITDB javascript WORKING POC
Chrome V8 JIT - 'AwaitedPromise' Update Bug
EIP-2026-103433 EXPLOITDB javascript WORKING POC
Chrome V8 - 'TranslatedState::MaterializeCapturedObjectAt' Type Confusion