Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv3

CVE-2015-0565

Published: 25/02/2020 Updated: 05/03/2020
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
CVSS v3 Base Score: 10 | Impact Score: 6 | Exploitability Score: 3.9
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Native Client

Vulnerability Summary

NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks possible.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

google native client 2015

Exploits

Exploit DB: Rowhammer - NaCl Sandbox Escape
Sources: googleprojectzeroblogspotca/2015/03/exploiting-dram-rowhammer-bug-to-gainhtml codegooglecom/p/google-security-research/issues/detail?id=284 Full PoC: githubcom/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/36311targz This is a proof-of-concept exploit that is able to escape from Native Cl ...
Exploit DB: Linux Kernel (x86-64) - Rowhammer Privilege Escalation
Sources: googleprojectzeroblogspotca/2015/03/exploiting-dram-rowhammer-bug-to-gainhtml codegooglecom/p/google-security-research/issues/detail?id=283 Full PoC: githubcom/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/36310targz This is a proof-of-concept exploit that is able to gain kernel privileges ...

Github Repositories

https://github.com/jfbastien/ponies

C++ on the Web: ponies for developers without pwn’ing users

C++ on the Web Ponies for developers without pwn'ing users Author: JF Bastien Abstract Delivering a program through a web browser really shouldn't force it to be slower than executing it directly on your OS Similarly, doing so shouldn't force you to rewrite programs that target venerable, cornerstone native programming APIs—modern C++ STL, OpenGL, f

https://github.com/9xN/xerobyte

A write up of a byte flip zero day vulnerability and exploit

xerobyte What is it & how does it work xerobyte is an exploit that takes advantage of an unintended and undesirable side effect in dynamic random-access memory (DRAM) in which memory cells interact electrically between themselves by leaking their charges, possibly changing the contents of nearby memory rows that were not addressed in the original memory access (Turning

References

CWE-119https://www.exploit-db.com/exploits/36310/https://www.exploit-db.com/exploits/36311/https://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.htmlhttps://nvd.nist.govhttps://github.com/jfbastien/ponieshttps://www.exploit-db.com/exploits/36311/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322CVE-2006-4304wirelessCVE-2023-23022local file inclusionCVE-2024-27058CVE-2024-33820open redirectCVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook