Vm2 Patches Critical Remote Code Execution Vulnerabilities in JavaScript Sandbox Library (CVE-2023-30547 and CVE-2023-29199)

Two critical vulnerabilities affecting its JavaScript Sandbox Library are addressed by vm2. Both the vulnerabilities CVE-2023-29199 and CVE-2023-30547 are given a CVSS score of 9.8. Successful exploitation of these vulnerabilities may allow an attacker to perform remote code execution. Seung Hyun Lee) of KAIST Hacking Lab has discovered the vulnerabilities and released proof-of-concept (PoC) (CVE-2023-29199 … Continue reading “Vm2 Patches Critical Remote Code Execution Vulnerabilities in JavaScript Sandbox Library (CVE-2023-30547 and CVE-2023-29199)”

Adobe Reader Double Free Vulnerability : CVE-2018-4990

A double free vulnerability in Adobe Reader was disclosed. CVE-2018-4990 has been assigned to track this vulnerability. Upon successful exploitation an attacker can achieve arbitrary code execution. The vulnerability has been exploited in the wild via crafted pdf document. Adobe has released¬†APSB18-09 to address this vulnerability. Please check the advisory for the list of affected … Continue reading “Adobe Reader Double Free Vulnerability : CVE-2018-4990”