{"vulnerability": "CVE-2020-1599", "sightings": [{"uuid": "1b072ded-398f-4f81-9d25-36ff290d9cdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15999", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:17.000000Z"}, {"uuid": "685a49b0-5785-411b-b456-a27204387f8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15999", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "87e6a8e7-2ef6-466b-a616-1deee277f50b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1599", "type": "seen", "source": "MISP/a8009d56-7dab-4b65-a6ee-3caf2773c960", "content": "", "creation_timestamp": "2022-01-05T12:37:10.000000Z"}, {"uuid": "a41c3338-166d-4054-bd38-02d770ec7384", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15999", "type": "seen", "source": "MISP/05b1c73a-7da3-4c4e-a3ce-3b5d0f2e886f", "content": "", "creation_timestamp": "2024-11-14T06:07:15.000000Z"}, {"uuid": "c4c86373-935e-4e7b-81dc-553c11534788", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15999", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971081", "content": "", "creation_timestamp": "2024-12-24T20:23:58.452927Z"}, {"uuid": "4f33a6a1-328b-408f-bd6e-64db9721ba1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15999", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:46.000000Z"}, {"uuid": "8c29febe-d617-4a40-aa04-a51ebf5b9ad6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1599", "type": "published-proof-of-concept", "source": "https://t.me/cKure/2776", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 With CVE-2020-1599, MS patched a bug that allows an attacker to append data to a signed PE file without invalidating its signature. Abusing this, as an example, would permit an attacker to deliver \"signed\" HTA payloads. Example \"evil\" HTA.\n\nhttps://www.virustotal.com/gui/file/14d4fc10dc1d01193a3b5e905fcfae0cd0347656ad7c643a2931dc6b774a311e/details", "creation_timestamp": "2020-11-12T05:59:59.000000Z"}, {"uuid": "29739d6f-1e8b-4066-9717-39660542913b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2020-15999", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/f06e40b2-7270-4648-8a8f-424352444529", "content": "", "creation_timestamp": "2026-02-02T12:28:44.370794Z"}, {"uuid": "1272e005-3202-4e24-a618-d245de15dd16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1599", "type": "seen", "source": "MISP/a8009d56-7dab-4b65-a6ee-3caf2773c960", "content": "", "creation_timestamp": "2025-11-10T20:41:14.000000Z"}, {"uuid": "1d9c1391-7335-405f-8652-5fbe029db8bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15999", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:00:58.000000Z"}, {"uuid": "475d0e85-4790-4735-bdd2-fee19beccba3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15999", "type": "exploited", "source": "https://t.me/CCNCERT/259", "content": "Avisamos de la publicaci\u00f3n de una #vulnerabilidad cr\u00edtica en el #kernel de @Windows, explotada de forma activa en ataques dirigidos junto con la vulnerabilidad CVE-2020-15999 en Google Chrome. Microsoft ya ha ofrecido el parche que la soluciona. https://t.co/cVvs3y5FnW https://t.co/SkyRYb2Utp", "creation_timestamp": "2020-11-11T15:25:37.000000Z"}, {"uuid": "0cf36946-e418-4b41-8998-454b27670ff9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15999", "type": "exploited", "source": "https://t.me/antichat/8822", "content": "\u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 Chrome. \u0412 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 zero-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2020-15999, \u043a\u043e\u0442\u043e\u0440\u0430\u044f, \u043a\u0430\u043a \u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c, \u0443\u0436\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u044b\u043b\u0430 \u0432 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 FreeType \u0434\u043b\u044f \u0440\u0435\u043d\u0434\u0435\u0440\u0438\u043d\u0433\u0430 \u0448\u0440\u0438\u0444\u0442\u043e\u0432, \u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u043b\u0430 \u043a \u0437\u0430\u0445\u0432\u0430\u0442\u0443 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u043e\u0432. \u041a\u0430\u0441\u0430\u0435\u0442\u0441\u044f Windows, Linux \u0438 \u041c\u0430\u043a. \n\nhttps://chromereleases.googleblog.com/2020/10/stable-channel-update-for-desktop_20.html\nhttps://savannah.nongnu.org/bugs/?59308", "creation_timestamp": "2020-10-22T02:12:49.000000Z"}, {"uuid": "2e9dcb69-9fba-4642-ae1d-0f7fb0baf6a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15999", "type": "exploited", "source": "https://t.me/thesammymove/2318", "content": "UPDATE YOUR CHROME BROWSER NOW!\ud83d\udea8\ud83d\udea8\n\nChannel:@thesammymove \n#thesammymoveNEWS \n\n\u267b\ufe0fGoogle\u00a0released\u00a0Chrome version 86.0.4240.111 today to patch several security high-severity issues, including a zero-day vulnerability that has been exploited in the wild by attackers to hijack targeted computers.\n\n\u267b\ufe0fTracked as\u00a0CVE-2020-15999, the actively exploited vulnerability is a type of memory-corruption flaw called heap buffer overflow in Freetype, a popular open source software development library for rendering fonts that comes packaged with Chrome.\n\n\u267b\ufe0fThe vulnerability was discovered and reported by security researcher Sergei Glazunov of Google Project Zero on October 19 and is subject to a seven-day public disclosure deadline due to the flaw being under active exploitation.\n\nRead also,\n\u2705HOW TO GET FREE N1,000 WITHDRAWABLE TO YOUR BANK\nCLICK \ud83d\udc49HERE\ud83d\udc48", "creation_timestamp": "2020-10-24T02:56:54.000000Z"}, {"uuid": "1b4c2454-10d4-43c2-9602-87a0eacac58c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15999", "type": "exploited", "source": "https://t.me/CyberGovIL/926", "content": "[\u05e2\u05d3\u05db\u05d5\u05df] \u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea ZeroDay \u05d1\u05d3\u05e4\u05d3\u05e4\u05df \u05db\u05e8\u05d5\u05dd \u05de\u05e0\u05d5\u05e6\u05dc\u05d5\u05ea \u05d1\u05e4\u05d5\u05e2\u05dc \u05d1\u05e2\u05d5\u05dc\u05dd | Com1523\n\n\u05dc\u05d0\u05d7\u05e8\u05d5\u05e0\u05d4 \u05e4\u05e8\u05e1\u05de\u05d4 \u05d2\u05d5\u05d2\u05dc \u05e2\u05d3\u05db\u05d5\u05df \u05d0\u05d1\u05d8\u05d7\u05d4 \u05dc\u05d3\u05e4\u05d3\u05e4\u05df \u05db\u05e8\u05d5\u05dd \u05e2\u05d1\u05d5\u05e8 \u05de\u05e1\u05e4\u05e8 \u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05d1\u05e1\u05d9\u05db\u05d5\u05df \u05d2\u05d1\u05d5\u05d4.\n\n\u05d0\u05d7\u05ea \u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05d4\u05d9\u05d0 \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea ZeroDay (\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05e9\u05dc\u05d0 \u05d4\u05d9\u05d9\u05ea\u05d4 \u05d9\u05d3\u05d5\u05e2\u05d4 \u05dc\u05d9\u05e6\u05e8\u05df) \u05d4\u05de\u05e0\u05d5\u05e6\u05dc\u05ea \u05d1\u05e4\u05d5\u05e2\u05dc \u05e2\u05dc \u05d9\u05d3\u05d9 \u05ea\u05d5\u05e7\u05e4\u05d9\u05dd \u05d1\u05e2\u05d5\u05dc\u05dd.\n\n[\u05e2\u05d3\u05db\u05d5\u05df] \u05e4\u05d5\u05e8\u05e1\u05dd \u05e2\u05d3\u05db\u05d5\u05df \u05d0\u05d1\u05d8\u05d7\u05d4 \u05dc\u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea ZeroDay \u05e0\u05d5\u05e1\u05e4\u05d5\u05ea (CVE-2020-15999\u05d5-CVE-2020-16009).\n\n[\u05e2\u05d3\u05db\u05d5\u05df] \u05d2\u05d5\u05d2\u05dc \u05e4\u05e8\u05e1\u05de\u05d4 \u05e9\u05ea\u05d9 \u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea zero-day \u05e0\u05d5\u05e1\u05e4\u05d5\u05ea (CVE-2020-16013 \u05d5-CVE-2020-16017).\n\n\u05de\u05d5\u05de\u05dc\u05e5 \u05dc\u05d1\u05d7\u05d5\u05df \u05d5\u05dc\u05e2\u05d3\u05db\u05df \u05d4\u05d3\u05e4\u05d3\u05e4\u05df \u05d1\u05d4\u05e7\u05d3\u05dd \u05d4\u05d0\u05e4\u05e9\u05e8\u05d9.", "creation_timestamp": "2020-11-12T11:41:01.000000Z"}, {"uuid": "c0100c6e-33fc-4666-a6c5-9e3d731c15f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15999", "type": "exploited", "source": "https://t.me/alexmakus/3692", "content": "\u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 Chrome. \u0412 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 zero-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2020-15999, \u043a\u043e\u0442\u043e\u0440\u0430\u044f, \u043a\u0430\u043a \u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c, \u0443\u0436\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u044b\u043b\u0430 \u0432 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 FreeType \u0434\u043b\u044f \u0440\u0435\u043d\u0434\u0435\u0440\u0438\u043d\u0433\u0430 \u0448\u0440\u0438\u0444\u0442\u043e\u0432, \u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u043b\u0430 \u043a \u0437\u0430\u0445\u0432\u0430\u0442\u0443 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u043e\u0432. \u041a\u0430\u0441\u0430\u0435\u0442\u0441\u044f Windows, Linux \u0438 \u041c\u0430\u043a. \n\nhttps://chromereleases.googleblog.com/2020/10/stable-channel-update-for-desktop_20.html\nhttps://savannah.nongnu.org/bugs/?59308", "creation_timestamp": "2020-10-22T15:01:03.000000Z"}, {"uuid": "262fb2bc-5182-42ab-88ed-e915cb7a3875", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15999", "type": "seen", "source": "Telegram/KG_q97gHZZz7vuGGepml5_ZTwzx_0Hbu8Su1wuMbz83-mXaB", "content": "", "creation_timestamp": "2025-02-06T02:43:28.000000Z"}, {"uuid": "3021069a-8432-4970-91c9-e97224f7d80e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15999", "type": "seen", "source": "Telegram/n_DvxthvnrQC3PU-Ry_UoRv0jwUu_lXlFgeU0pniyo9VZH00", "content": "", "creation_timestamp": "2025-02-06T02:39:17.000000Z"}, {"uuid": "01545bb9-4d18-4eef-9e83-66c4b1f7050e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15999", "type": "exploited", "source": "Telegram/a3MI-AY2U5dapZzc223-CMepR7qaWQYHvjEqDxlRkJgaQg", "content": "", "creation_timestamp": "2020-10-23T14:36:27.000000Z"}, {"uuid": "a4135c62-2726-4d6d-a835-ec4125f7ea12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15999", "type": "seen", "source": "https://t.me/arpsyndicate/1098", "content": "#ExploitObserverAlert\n\nCVE-2020-15999\n\nDESCRIPTION: Exploit Observer has 31 entries related to CVE-2020-15999. Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\nFIRST-EPSS: 0.052940000\nNVD-IS: 3.6\nNVD-ES: 2.8", "creation_timestamp": "2023-12-04T03:00:39.000000Z"}, {"uuid": "7b47b15d-c32e-4d31-9c6c-a4978b73f4bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15994", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2543", "content": "Exploiting CVE-2020-15994 Chrome WebAssembly Engine UAF Vulnerability (PoC)\nhttps://blog.br0vvnn.io/pages/blogpost.aspx?id=5", "creation_timestamp": "2021-01-21T12:00:01.000000Z"}, {"uuid": "2eb95872-704a-4f32-b53f-c90402d90206", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15999", "type": "exploited", "source": "https://t.me/true_secator/1067", "content": "\u0420\u0443\u043a\u043e\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b Google Project Zero \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e\u0431 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2020-15999 \u0432 Chrome.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0432 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0435\u0439 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 FreeType \u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u0443\u0447\u0438, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442, \u0435\u0441\u043b\u0438 \u0437\u0432\u0435\u0437\u0434\u044b \u0441\u043e\u0439\u0434\u0443\u0442\u0441\u044f, \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0445\u0430\u043a\u0435\u0440\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u043f\u043e\u043a\u0430 \u0447\u0442\u043e \u043c\u044b \u043c\u043e\u0436\u0435\u043c \u0442\u043e\u043b\u044c\u043a\u043e \u0433\u0430\u0434\u0430\u0442\u044c \u043e \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043d\u0435\u0442. PoC, \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e, \u0442\u043e\u0436\u0435. \u041f\u043e\u043b\u0430\u0433\u0430\u0435\u043c, \u0447\u0442\u043e \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0432\u044b\u0434\u0435\u0440\u0436\u0430\u0442 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0443\u044e \u043f\u0430\u0443\u0437\u0443 \u043f\u0435\u0440\u0435\u0434 \u0438\u0445 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0435\u0439, \u0447\u0442\u043e\u0431\u044b \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0443\u0441\u043f\u0435\u043b\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f.\n\n\u0410\u043f\u0434\u0435\u0439\u0442, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0439 \u044d\u0442\u0443 \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Google \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0432\u0447\u0435\u0440\u0430. \u0412\u0441\u0435\u043c \u0441\u0440\u043e\u0447\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u044b.\n\nUPD. \u041d\u0430\u043c \u043f\u043e\u0434\u0441\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0442, \u0447\u0442\u043e \u043e\u0431\u0441\u0443\u0436\u0434\u0435\u043d\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0435\u0441\u0442\u044c \u0437\u0434\u0435\u0441\u044c. \u041f\u043e\u043a\u0430 \u0447\u0442\u043e \u043f\u043e\u043d\u044f\u0442\u043d\u043e, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044f \u043e\u0448\u0438\u0431\u043a\u0443 \u043c\u043e\u0436\u043d\u043e \u0442\u043e\u0447\u043d\u043e \u043f\u043e\u043b\u043e\u0436\u0438\u0442\u044c Chrome.", "creation_timestamp": "2020-10-21T12:00:45.000000Z"}, {"uuid": "36a1f1b2-b5df-4139-bc38-00186b6c8034", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15999", "type": "exploited", "source": "https://t.me/SecLabNews/9161", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 \u043a\u043e\u043c\u0430\u043d\u0434\u044b Google Project Zero \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0438 PoC-\u043a\u043e\u0434 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 \u041e\u0421 Windows, \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u043e\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e CVE-2020-15999 \u0432 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0435 Google Chrome ( \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 86.0.4240.111).\n\n\u041a\u0430\u043a \u043f\u043e\u044f\u0441\u043d\u0438\u043b\u0438 \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b, CVE-2020-15999 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u0430 \u0445\u0430\u043a\u0435\u0440\u0430\u043c \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0435, \u0432 \u0442\u043e \u0432\u0440\u0435\u043c\u044f \u043a\u0430\u043a \u0432\u0440\u0435\u043c\u044f \u043a\u0430\u043a 0Day-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Windows ( CVE-2020-17087 ) \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0434\u043b\u044f \u0432\u044b\u0445\u043e\u0434\u0430 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u044b Chrome \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043a\u043e\u0434\u0430 \u0432 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435. \u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043e\u0431 \u0430\u0442\u0430\u043a\u0430\u0445, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0432\u0448\u0438\u0445 \u0434\u0430\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \u0418\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043b\u0438\u0448\u044c, \u0447\u0442\u043e \u043e\u043d\u0438 \u043d\u0435 \u043a\u0430\u0441\u0430\u044e\u0442\u0441\u044f \u043f\u0440\u0435\u0434\u0441\u0442\u043e\u044f\u0449\u0438\u0445 \u0432\u044b\u0431\u043e\u0440\u043e\u0432 \u0432 \u0421\u0428\u0410.\n\nGoogle \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442 CVE-2020-17087 \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 \u044f\u0434\u0440\u0435 Windows. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Windows, \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 \u00ab\u0441\u0435\u043c\u0435\u0440\u043a\u0438\u00bb \u0438 \u0437\u0430\u043a\u0430\u043d\u0447\u0438\u0432\u0430\u044f \u043d\u0435\u0434\u0430\u0432\u043d\u0438\u043c \u0440\u0435\u043b\u0438\u0437\u043e\u043c Windows 10.\n\nhttps://www.securitylab.ru/news/513641.php", "creation_timestamp": "2020-11-01T16:26:01.000000Z"}, {"uuid": "655a1126-6818-466b-8452-f3abf58d96d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15999", "type": "exploited", "source": "https://t.me/true_secator/1538", "content": "\u200b\u200b\u0412 \u044f\u043d\u0432\u0430\u0440\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u0430 Google Project Zero \u043d\u0430\u0447\u0430\u043b\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u0442\u044c \u043c\u0430\u0442\u0435\u0440\u0438\u0430\u043b\u044b \u0441\u0435\u0440\u0438\u0438 \"\u0412 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435\" \u043f\u0440\u043e \u0441\u0432\u043e\u044e \u043d\u043e\u0432\u0443\u044e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0443 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u044d\u0442\u043e\u0439 \u0441\u0430\u043c\u043e\u0439 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435. \n\n\u0412 \u0446\u0438\u043a\u043b\u0435 \u0438\u0437 \u0448\u0435\u0441\u0442\u0438 \u0441\u0442\u0430\u0442\u0435\u0439 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u043b\u0438 \u043f\u0440\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0443\u044e \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u044d\u0442\u043e\u0439 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b \u0432 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2020 \u0433\u043e\u0434\u0430 \u043a\u0438\u0431\u0435\u0440\u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e \u043f\u043e \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Windows \u0438 Android \u0447\u0435\u0440\u0435\u0437 \u0430\u0442\u0430\u043a\u0443 \u043d\u0430 \u0432\u043e\u0434\u043e\u043f\u043e\u0439. \u0422\u043e\u0433\u0434\u0430 \u0445\u0430\u043a\u0435\u0440\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0441\u0440\u0430\u0437\u0443 \u0447\u0435\u0442\u044b\u0440\u0435 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0447\u0442\u043e \u0441\u0430\u043c\u043e \u043f\u043e \u0441\u0435\u0431\u0435 \u0432\u0435\u0441\u044c\u043c\u0430 \u043a\u0440\u0443\u0442\u043e.\n\n\u041d\u0438\u043a\u0430\u043a\u0438\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u043e \u0430\u0442\u0440\u0438\u0431\u0443\u0446\u0438\u0438 \u0430\u0432\u0442\u043e\u0440\u0430 \u044d\u0442\u043e\u0439 \u0430\u0442\u0430\u043a\u0438 Google \u0442\u043e\u0433\u0434\u0430 \u043d\u0435 \u043f\u0440\u0438\u0432\u0435\u043b\u0438. \u0421\u0443\u0434\u044f \u043f\u043e \u0432\u0441\u0435\u043c\u0443, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043d\u0430\u0448\u043b\u0438 \u043a\u0443\u0441\u043e\u043a \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 \u043a\u0430\u043a\u043e\u0439-\u0442\u043e \u043a\u0440\u0443\u0442\u043e\u0439 \u0438 \u0445\u043e\u0440\u043e\u0448\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u043d\u043e\u0439 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u044b, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u0435\u0435 \u0432\u0441\u0435\u0433\u043e \u043f\u0440\u043e\u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0439 APT. \u041d\u043e \u0442\u0430\u043a \u0438 \u043d\u0435 \u0441\u043c\u043e\u0433\u043b\u0438 \u0441\u0434\u0435\u043b\u0430\u0442\u044c \u0445\u043e\u0442\u044c \u043a\u0430\u043a\u0438\u0435-\u0442\u043e \u0432\u044b\u0432\u043e\u0434\u044b \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0430 \u0438 \u0446\u0435\u043b\u0435\u0439 \u0432\u0441\u043a\u0440\u044b\u0442\u043e\u0439 \u043a\u0438\u0431\u0435\u0440\u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438.\n\n\u0412\u0447\u0435\u0440\u0430 Google Project Zero \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043d\u043e\u0432\u044b\u0439 \u043e\u0442\u0447\u0435\u0442, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u043b\u0438 \u043f\u0440\u043e \u043d\u043e\u0432\u0443\u044e \u043a\u0438\u0431\u0435\u0440\u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e \u044d\u0442\u043e\u0439 \u0436\u0435 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u044b, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0438\u043c\u0438 \u0432 \u043e\u043a\u0442\u044f\u0431\u0440\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430. \u0418 \u0432 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 APT (\u0430 \u043c\u044b \u0431\u0443\u0434\u0435\u043c \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0442\u044c, \u0447\u0442\u043e \u044d\u0442\u043e \u0438\u043c\u0435\u043d\u043d\u043e \u043f\u0440\u043e\u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u0430\u044f APT) \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430 \u0443\u0436\u0435 \u0441\u0435\u043c\u044c (!) 0-day.\n\nProject Zero \u043d\u0430\u0448\u043b\u0438 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0432 \u0445\u043e\u0434\u0435 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0432\u043e\u0434\u043e\u043f\u043e\u0439 \u043b\u0435\u0433\u0430\u043b\u044c\u043d\u044b\u0445 \u0441\u0430\u0439\u0442\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u044f\u043b\u0438 \u043f\u043e\u0441\u0435\u0442\u0438\u0432\u0448\u0438\u0445 \u0438\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043d\u0430 \u043e\u0434\u0438\u043d \u0438\u0437 \u0434\u0432\u0443\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432. \u041a\u0430\u0436\u0434\u044b\u0439 \u0438\u0437 \u044d\u0442\u0438\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b \u0441\u0432\u043e\u044e \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0432 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0442 \u0442\u043e\u0433\u043e, \u0438\u0437-\u043f\u043e\u0434 \u043a\u0430\u043a\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0440\u0430\u0431\u043e\u0442\u0430\u043b\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e.\n\n\u0421\u0435\u0440\u0432\u0435\u0440 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u21161 \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u0437\u0430\u0440\u0430\u0436\u0430\u043b \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0441 iOS \u0438 Windows, \u043e\u0434\u043d\u0430\u043a\u043e \u043a\u043e\u0433\u0434\u0430 \u0432\u0442\u043e\u0440\u043e\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 \u0431\u044b\u043b \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d (\u0441\u0443\u0434\u044f \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u0441\u0430\u043c\u0438\u043c\u0438 \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0448\u0438\u043c\u0438 \u043f\u0440\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u0435 \u043a \u043d\u0438\u043c \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u0430 \u0441\u043e \u0441\u0442\u043e\u0440\u043e\u043d\u044b \u0438\u043d\u0444\u043e\u0441\u0435\u043a \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439) \u043e\u043d \u043d\u0430\u0447\u0430\u043b \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 CVE-2020-16009 \u043a Android. \u041e\u0441\u0442\u0430\u0432\u0430\u043b\u0441\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u043c \u0431\u043e\u043b\u0435\u0435 \u043d\u0435\u0434\u0435\u043b\u0438 \u0441 \u0442\u043e\u0433\u043e \u043c\u043e\u043c\u0435\u043d\u0442\u0430, \u043a\u0430\u043a \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u0441\u0442\u0430\u043b\u0438 \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b. \n\n\u0421\u0435\u0440\u0432\u0435\u0440 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u21162 \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Android \u0438 \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0441\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u043c \u043b\u0438\u0448\u044c 36 \u0447\u0430\u0441\u043e\u0432 \u043f\u043e\u0441\u043b\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f, \u043f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e \u0431\u044b\u043b \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d. \n\n\u0412\u0441\u0435\u0433\u043e Project Zero \u0441\u043c\u043e\u0433\u043b\u0438 \u0441\u043e\u0431\u0440\u0430\u0442\u044c \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b:\n1. \u041e\u0434\u043d\u0430 \u043f\u043e\u043b\u043d\u0430\u044f \u0446\u0435\u043f\u043e\u0447\u043a\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u0430\u044f \u043d\u0430 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u0443\u044e Windows 10 \u0441 Google Chrome.\n2. \u0414\u0432\u0435 \u0447\u0430\u0441\u0442\u0438\u0447\u043d\u044b\u0435 \u0446\u0435\u043f\u043e\u0447\u043a\u0438, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0435 \u043d\u0430 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0439 Android \u0441 Google Chrome \u0438\u043b\u0438 Samsung Browser.\n3. \u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b RCE \u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0434\u043b\u044f iOS 11-13. \n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0433\u043e\u0432\u043e\u0440\u044f\u0442, \u0447\u0442\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0434\u0440\u0443\u0433\u0438\u0445 \u041e\u0421 \u043e\u043d\u0438 \u043d\u0435 \u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043d\u0435\u043b\u044c\u0437\u044f \u0441\u043a\u0430\u0437\u0430\u0442\u044c \u043e\u0434\u043d\u043e\u0437\u043d\u0430\u0447\u043d\u043e \u0431\u044b\u043b\u0438 \u0438\u043b\u0438 \u043d\u0435 \u0431\u044b\u043b\u0438 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0434\u043b\u044f Linux. \n\n\u0412\u0441\u0435\u0433\u043e ProjectZero \u043d\u0430\u0448\u043b\u0438 \u0441\u0435\u043c\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \u041f\u0440\u0438 \u0447\u0435\u043c \u043d\u0435 \u0444\u0430\u043a\u0442, \u0447\u0442\u043e \u044d\u0442\u043e \u0432\u0441\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u043c\u0438 \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438. \u0412 \u043e\u0434\u043d\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0445\u0430\u043a\u0435\u0440\u044b \u043f\u0440\u043e\u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \"\u043d\u0430\u043b\u0435\u0442\u0443\" \u043c\u0435\u043d\u044f\u0442\u044c \u043e\u0434\u0438\u043d \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0432 \u0446\u0435\u043f\u043e\u0447\u043a\u0435 \u0434\u0440\u0443\u0433\u0438\u043c (CVE-2020-15999 \u043d\u0430 CVE-2020-16009), \u043a\u043e\u0433\u0434\u0430 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c \u041f\u041e.\n\n\u041d\u0438\u043a\u0430\u043a\u0438\u0445 \u043d\u043e\u0432\u044b\u0445 \u0434\u043e\u0433\u0430\u0434\u043e\u043a \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u0442\u043e\u0433\u043e, \u043a\u0442\u043e \u0441\u0442\u043e\u0438\u0442 \u0437\u0430 \u043a\u0438\u0431\u0435\u0440\u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f\u043c\u0438, \u043d\u0435 \u043f\u043e\u044f\u0432\u0438\u043b\u043e\u0441\u044c. \u0415\u0434\u0438\u043d\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0435 \u0447\u0442\u043e \u0441\u043a\u0430\u0437\u0430\u043b\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438, \u044d\u0442\u043e \u043e\u0431\u043e\u0437\u043d\u0430\u0447\u0438\u043b\u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u0437\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0441\u0442\u043e\u044f\u043b\u0438 \u0440\u0430\u0437\u043d\u044b\u0435 \u0430\u043a\u0442\u043e\u0440\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435, \u0442\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0442 \u0441\u043a\u043e\u043e\u0440\u0434\u0438\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043e.\n\n\u041a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u043f\u0440\u043e\u0444\u0438\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0446\u0435\u043b\u0435\u0439 Google Project Zero \u043f\u043e \u043a\u0430\u043a\u0438\u043c-\u0442\u043e \u043f\u0440\u0438\u0447\u0438\u043d\u0430\u043c \u043d\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442. \u0418 \u044d\u0442\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u0440\u0438\u0431\u0430\u0432\u043b\u044f\u0435\u0442 \u0437\u0430\u0433\u0430\u0434\u043e\u043a \u0432\u0441\u0435\u043c\u0443 \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u044f\u0449\u0435\u043c\u0443.\n\n\u041f\u043b\u044e\u0441 \u043e\u0434\u0438\u043d\u0430\u0434\u0446\u0430\u0442\u044c 0-day \u043c\u0435\u043d\u044c\u0448\u0435 \u0447\u0435\u043c \u0437\u0430 \u0433\u043e\u0434. \u0420\u0435\u043f\u0442\u0438\u043b\u043e\u0438\u0434\u044b?", "creation_timestamp": "2021-03-19T09:13:43.000000Z"}, {"uuid": "d4e7b92b-aa08-4c60-b30a-414ac385d793", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15999", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2943", "content": "In-the-Wild Series: October 2020 0-day discovery for Android, Windows, iOS devices\nhttps://googleprojectzero.blogspot.com/2021/03/in-wild-series-october-2020-0-day.html\nPoCs:\nCVE-2020-15999\u00a0- Chrome Freetype heap buffer overflow\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2103\nCVE-2020-17087\u00a0- Windows heap buffer overflow in cng.sys\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2104\nCVE-2020-16009\u00a0- Chrome type confusion in V8\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2106\nCVE-2020-16010/16011\u00a0- Chrome heap buffer overflow\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2112\nCVE-2020-27930\u00a0- Safari arbitrary stack read/write\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2105\nCVE-2020-27950\u00a0- iOS XNU kernel memory disclosure\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2108\nCVE-2020-27932\u00a0- iOS kernel type confusion\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2107", "creation_timestamp": "2022-06-03T18:52:35.000000Z"}, {"uuid": "84a3594f-2487-4fa2-a452-17888324b55a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15999", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2358", "content": "#Analytics\nTop-10 exploited vulnerabilities in July-December 2020:\n1. CVE-2020-0601 - CurveBall CryptoAPI\nhttps://t.me/cybersecuritytechnologies/628\n2. CVE-2019-17026/CVE-2020-0674 - 0-Day Vulnerability in Mozilla Firefox\nhttps://t.me/cybersecuritytechnologies/914\n3. CVE-2020-0796 - Windows SMBv3 LPE exploit\nhttps://t.me/cybersecuritytechnologies/874\n4. CVE-2020-1472 - Microsoft Zerologon\nhttps://t.me/cybersecuritytechnologies/1742\n5. CVE-2020-5902/5903 - F5 BigIP TMUI Critical RCE\nhttps://t.me/cybersecuritytechnologies/1378\n6. CVE-2018-10561 - Dasan GPON Router Auth. Bypass\nhttps://t.me/cybersecuritytechnologies/51\n7. CVE-2020-1350 - Exploit SIGRed\nhttps://t.me/cybersecuritytechnologies/1422\n8. CVE-2020-15999 + CVE-2020-17087 = Win Kernel cng.sys buffer overflow 0-Day\nhttps://t.me/cybersecuritytechnologies/1960\nhttps://t.me/cybersecuritytechnologies/2010\n9. CVE-2020-16898 - \"Bad Neighbor\" RCE Vulnerability\nhttps://t.me/cybersecuritytechnologies/1912\n10. CVE-2020-1938 - \"Ghostcat\" Apache Tomcat\nhttps://t.me/cybersecuritytechnologies/705", "creation_timestamp": "2025-01-04T20:00:34.000000Z"}, {"uuid": "4cec27d8-fe8c-46c8-ac0f-5e4c490c6252", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15999", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1960", "content": "#exploit\nCVE-2020-15999:\nMemory Corruption bug in FreeType &lt;2.10.4 / Heap buffer overflow due to integer truncation in Load_SBit_Png\nhttps://savannah.nongnu.org/bugs/?59308\n]-&gt; https://github.com/marcinguy/CVE-2020-15999", "creation_timestamp": "2025-01-27T23:05:10.000000Z"}, {"uuid": "296f02bf-06ca-4d95-9d1d-c8bd8b64726c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15999", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2010", "content": "#exploit\nCVE-2020-17087:\nWindows 7 - Win10 1903 Kernel Cryptography Driver (cng.sys) pool-based buffer overflow in IOCTL\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2104\n+ CVE-2020-15999 = 0-day.", "creation_timestamp": "2022-08-02T15:40:43.000000Z"}]}