CVE-2019-13720 WizardOpium
Google Chrome RCE - Use After Free in WebAudio
Architecture
Affected Versions
Bypasses
Tested Version
License
Supported OS
x64
Chrome 76-78.0.3904.70
DEP, ASLR, CFG, CET
Chrome 76.0.3809.132 Official Build 64-bit
GNU GPLv3
Windows 7 x64
Windows 8.1 x64
Windows 10 x64
Hydseven Exploit Chain
Mozilla Firefox JIT Type Confusion CVE-2019-11707 chained with CVE-2019-11708 sandbox escape
Architecture
Affected Versions
Bypasses
Tested Version
License
Supported OS
x64
Mozilla Firefox 67.0.2 64-bit and earlier
DEP, ASLR, CFG, CET
Mozilla Firefox 67.0.2 64-bit
GNU GPLv3
Windows 7 x64
Windows 8.1 x64
Windows 10 x64
Double Star Exploit Chain
Mozilla Firefox JIT Type Confusion CVE-2019-17026 or Internet Explorer CVE-2020-0674 Jscript.dll UAF RCE chained with CVE-2020-0674 Jscript.dll UAF via WPAD for sandbox escape and LPE
Architecture
Affected Versions
Bypasses
Tested Version
License
Supported OS
x64/x86
Mozilla Firefox <=71 Internet Explorer 8/11
WPAD pre-Windows 10
DEP, ASLR, CFG
FF 65-69 64-bit
IE8/11 64-bit
IE8/11 32-bit
GNU GPLv3
Windows 7 x64
Windows 7 x86
Windows 8.1 x64
CVE-2020-0674 32-bit
32-bit Internet Explorer and WPAD RCE - Jscript.dll Use After Free
Architecture
Affected Versions
Bypasses
Tested Version
License
Supported OS
x86
Internet Explorer 8/11
WPAD pre-Windows 10
DEP, ASLR, EMET 5.5 EAF+, stack pivot protection, SimExec, CallerCheck
Win7 x86 WPAD
IE8/11 32-bit
GNU GPLv3
Windows 7 x86
MS12-037
32-bit Internet Explorer Heap Overflow
Architecture
Affected Versions
Bypasses
Tested Version
License
Supported OS
x86
Internet Explorer 8
DEP
IE 8 32-bit
GNU GPLv3
Windows 7 x86