14 matches found
RustSec Advisory
Impact Vulnerability Type: Improper Control of Generation of Code 'Code Injection' CWE-94 / Improper Check for Unusual or Exceptional Conditions CWE-754 / Improper Input Validation CWE-20 / Use of Low-Level Functionality CWE-695 / Improper Privilege Management CWE-269 / External Control of System...
PT-2025-30476
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 141 Firefox ESR versions prior to 115.26 Firefox ESR versions prior to 128.13 Firefox ESR versions prior to 140.1 Thunderbird versions prior to 141 Thunderbird versions prior to 128.13 Thunderbird versions prior to...
CVE-2025-38280
CVE-2025-38280 affects the Linux kernel’s BPF/JIT path. When a BPF program is compiled with JIT and CONFIG_BPF_JIT_ALWAYS_ON is not set while bpf_jit_enable is 1, the arch may attempt JIT the program, fail due to FAULT_INJECTION, and incorrectly treat the program as valid, causing a WARN_ON_ONCE ...
AZL-65535 CVE-2024-25177 affecting package luajit for versions less than 2.1.0-28
LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240314 have an unsinking of IRFSTORE for NULL metatable, which leads to Denial of Service DoS...
AZL-65370 CVE-2024-25176 affecting package luajit for versions less than 2.1.0-27
LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240626 have a stack-buffer-overflow in ljstrfmtwfnum in ljstrfmtnum.c...
CVE-2025-3517
Incorrect privilege assignment in PAM JIT elevation feature in Devolutions Server 2025.1.5.0 and earlier allows a PAM user to elevate a previously configured user configured in a PAM JIT account via failure to update the internal account’s SID when updating the username...
PT-2025-18693 · Devolutions · Devolutions Server
Name of the Vulnerable Software and Affected Versions: Devolutions Server versions 2025.1.5.0 and earlier Description: The issue concerns a privilege context switching error in the PAM JIT feature of Devolutions Server. This error allows a PAM JIT account password to be improperly reset after usa...
firefox: JIT corruption of WASM i32 return values on 64-bit CPUs
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them to be treated as a different type...
CVE-2024-3857
The JIT created incorrect code for arguments in certain cases. This led to potential use-after-free crashes during garbage collection. This vulnerability affects Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10...
CVE-2024-3857
The JIT created incorrect code for arguments in certain cases. This led to potential use-after-free crashes during garbage collection. This vulnerability affects Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10...
SUSE CVE-2020-15890
LuaJit through 2.1.0-beta3 has an out-of-bounds read because gc handler frame traversal is mishandled...
luajit: out-of-bounds read because __gc handler frame traversal is mishandled
A flaw was found in luajit. An out-of-bounds read can occur due to a frame traversal being mishandled...
DEBIAN-CVE-2020-15890
LuaJit through 2.1.0-beta3 has an out-of-bounds read because gc handler frame traversal is mishandled...
Pwn2Own Trifecta: Galaxy S9, iPhone X and Xiaomi Mi6 Fall to Hackers
Three major mobile phone models – the Samsung Galaxy S9, iPhone X and the Xiaomi Mi6 – failed to survive the hacker onslaught at this year’s Pwn2Own Tokyo 2018. In all, 18 exploits, with some attacks chaining together as many as five exploits, were used to own the three phones and earn hacker tea...