Google Chrome Zero-Day Type Confusion Vulnerability (CVE-2021-30563)

Another zero-day vulnerability of Google Chrome was in the news in mid-July 2021. The  zero-days prior to this one were as follows: CVE-2021-21148 – February 4th, 2021 CVE-2021-21166 – March 2nd, 2021 CVE-2021-21193 – March 12th, 2021 CVE-2021-21206 – April13th, 2021 CVE-2021-21220 – April 13th, 2021 CVE-2021-21224 – April 20th, 2021 CVE-2021-30551 – June 9th, … Continue reading “Google Chrome Zero-Day Type Confusion Vulnerability (CVE-2021-30563)”

Google Chrome V8 Type confusion Vulnerability (CVE-2020-6418)

Summary: In last week of February,2020, a type confusion vulnerability in V8, Google Chrome’s open-source JavaScript and WebAssembly engine.  Description: Details about these attacks are not yet public, and we don’t know how this bug  (that has been restricted) is being used against Chrome users. V8 is Chrome’s component that is responsible for processing JavaScript … Continue reading “Google Chrome V8 Type confusion Vulnerability (CVE-2020-6418)”

Chakra: Type Confusion Vulnerability – CVE-2016-7201

Introduction: Last year in the month of September, the Project Zero team from Google disclosed vulnerabilities in the Microsoft JavaScript engine Chakra. CVE-2016-7200 and CVE-2016-7201 are two such bugs that caught the limelight. Even though it’s an old bug it is worth discussing their specifics. Both of these vulnerabilities went from PoC of vulnerability to … Continue reading “Chakra: Type Confusion Vulnerability – CVE-2016-7201”