1683 matches found
Mozilla: Memory corruption in JIT UpdateRegExpStatics
The Mozilla Foundation Security Advisory describes this flaw as: When UpdateRegExpStatics attempted to access initialStringHeap it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash...
Mozilla: Memory corruption in JIT UpdateRegExpStatics
The Mozilla Foundation Security Advisory describes this flaw as: When UpdateRegExpStatics attempted to access initialStringHeap it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash...
Mozilla: Memory corruption in JIT UpdateRegExpStatics
The Mozilla Foundation Security Advisory describes this flaw as: When UpdateRegExpStatics attempted to access initialStringHeap it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash...
Mozilla: Memory corruption in JIT UpdateRegExpStatics
The Mozilla Foundation Security Advisory describes this flaw as: When UpdateRegExpStatics attempted to access initialStringHeap it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash...
Mozilla: Memory corruption in JIT UpdateRegExpStatics
The Mozilla Foundation Security Advisory describes this flaw as: When UpdateRegExpStatics attempted to access initialStringHeap it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash...
Mozilla: Memory corruption in JIT UpdateRegExpStatics
The Mozilla Foundation Security Advisory describes this flaw as: When UpdateRegExpStatics attempted to access initialStringHeap it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash...
Mozilla: Memory corruption in JIT UpdateRegExpStatics
The Mozilla Foundation Security Advisory describes this flaw as: When UpdateRegExpStatics attempted to access initialStringHeap it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash...
Mozilla: Memory corruption in JIT UpdateRegExpStatics
The Mozilla Foundation Security Advisory describes this flaw as: When UpdateRegExpStatics attempted to access initialStringHeap it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash...
Mozilla: Memory corruption in JIT UpdateRegExpStatics
The Mozilla Foundation Security Advisory describes this flaw as: When UpdateRegExpStatics attempted to access initialStringHeap it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash...
Mozilla: Memory corruption in JIT UpdateRegExpStatics
The Mozilla Foundation Security Advisory describes this flaw as: When UpdateRegExpStatics attempted to access initialStringHeap it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash...
Mozilla Firefox 安全漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox that originates when UpdateRegExpStatics attempts to access the initialStringHeap, which may be garbage-collected before it enters the function, which...
PT-2025-40176
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.5 Description The Linux kernel contains a flaw in the unix stream sendpage function related to a null pointer dereference. This issue occurs when handling sockets in a specific loop scenario involving garbage...
PT-2025-1558 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns the netfilter: nf tables component in the Linux kernel, where the set backend has been adapted to use the GC transaction API. This change replaces the old and buggy ...
inDrive: Bypassing Garbage Collection with Uppercase Endpoint
A vulnerability was discovered in the garbage collection process, allowing the bypass of the "/metrics" endpoint by using uppercase letters. This could potentially lead to unauthorized access to sensitive information or resources and possible data manipulation. Other endpoints with similar patter...
CLSA-2023-1688677355 java-1.8.0-openjdk: Fix of 7 CVEs
Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u372-b07. That fixes following CVEs: - CVE-2023-21930: Improper connection handling during TLS handshake 8294474 - CVE-2023-21937: Missing string checks for NULL characters 8296622 - CVE-2023-21938: Incorrect handling of NULL characters in...
protobuf-java: Message-Type Extensions parsing issue leads to DoS
A flaw was found in Message-Type Extensions in protobuf-java core that can lead to a denial of service. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields can cause objects to convert between mutable and immutable forms, resulting in long garbag...
protobuf-java: Textformat parsing issue leads to DoS
A flaw was found in Textformat in protobuf-java core that can lead to a denial of service. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields can cause objects to convert between mutable and immutable forms, resulting in long garbage collection...
PT-2023-35875 · Git +1 · Mruby
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-use-after-free READ 4 crash type. The crash state involves obj free, incremental gc, and mrb incremental gc. No informatio...
PT-2023-35864 · Git +1 · Ghostscript
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-use-after-free READ 8 crash type. The crash state involves functions such as psi device ref finalize, gs gc reclaim, and...
CVE-2023-29535
Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in memory corruption and a potentially exploitable crash. This vulnerability affects Firefox 112, Focus for Android 112, Firefox ESR 102.10, Firefox for Android 112, and...