Lucene search
K

4508 matches found

UbuntuCve
UbuntuCve
added 2025/03/04 2:15 p.m.13 views

CVE-2025-1933

On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them to be treated as a different type. This vulnerability was fixed in Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...

7.6CVSS7.2AI score0.00294EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2025/03/04 2:15 p.m.8 views

CVE-2025-1941

Under certain circumstances, a user opt-in setting that Focus should require authentication before use could have been be bypassed distinct from CVE-2025-0245. This vulnerability was fixed in Firefox 136...

9.1CVSS6AI score0.00341EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/03/04 2:15 p.m.9 views

CVE-2025-1942

When String.toUpperCase caused a string to get longer it was possible for uninitialized memory to be incorporated into the result string. This vulnerability was fixed in Firefox 136 and Thunderbird 136...

9.8CVSS6.9AI score0.00446EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2025/03/04 2:15 p.m.10 views

CVE-2025-27425

Scanning certain QR codes that included text with a website URL could allow the URL to be opened without presenting the user with a confirmation alert first. This vulnerability was fixed in Firefox for iOS 136...

4.3CVSS5.8AI score0.00215EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/03/04 2:15 p.m.5 views

CVE-2025-1931

It was possible to cause a use-after-free in the content process side of a WebTransport connection, leading to a potentially exploitable crash. This vulnerability was fixed in Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...

7.5CVSS7.2AI score0.00497EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2025/03/04 12:0 a.m.4 views

PT-2025-9735 · Google +2 · Google Chrome +2

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 134.0.6998.35 Description: The issue is an out-of-bounds read in the V8 JavaScript engine in Google Chrome, allowing a remote attacker to perform out-of-bounds memory access via a crafted HTML page. This has a...

10CVSS6.1AI score0.00415EPSS
Exploits0References96
Tenable Nessus
Tenable Nessus
added 2025/03/03 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2011-0054

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in the JavaScript engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to...

10CVSS7.7AI score0.04554EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/03/02 12:0 a.m.5 views

PT-2025-10636

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 134.0.6998.88 Description A type confusion issue exists in the V8 JavaScript engine. This flaw allows a remote attacker to potentially cause heap corruption—a condition where memory is incorrectly allocated or...

10CVSS7.6AI score0.06387EPSS
Exploits1References67
SUSE CVE
SUSE CVE
added 2025/02/20 2:31 p.m.1 views

SUSE CVE-2025-0999

Heap buffer overflow in V8 in Google Chrome prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.6AI score0.00648EPSS
Exploits0References5
OSV
OSV
added 2025/02/15 2:15 a.m.1 views

DEBIAN-CVE-2025-0995

Use after free in V8 in Google Chrome prior to 133.0.6943.98 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS8.2AI score0.0046EPSS
Exploits0References1
Snyk
Snyk
added 2025/02/15 1:42 a.m.2 views

Use After Free

Overview org.webjars.npm:electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Use After Free through the V8 engine. An attacker can potentially exploit heap corruption by crafting a...

8.8CVSS6.9AI score0.0046EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.3 views

Astra Linux – Vulnerability in Zabbix

Within Zabbix, users have the ability to directly modify memory pointers in the JavaScript engine...

9.1CVSS7.8AI score0.00755EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/06 4:12 a.m.14 views

CVE-2021-40420

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 11.1.0.52543. A specially-crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user to open the...

8.8CVSS7.1AI score0.04687EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2025/02/06 12:0 a.m.12 views

CVE-2025-1009

An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. This vulnerability was fixed in Firefox 135, Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135...

9.8CVSS7.3AI score0.01163EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2025/02/06 12:0 a.m.12 views

CVE-2025-1011

A bug in WebAssembly code generation could have lead to a crash. It may have been possible for an attacker to leverage this to achieve code execution. This vulnerability was fixed in Firefox 135, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135...

9.8CVSS7.3AI score0.00585EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2025/02/05 7:54 p.m.9 views

CVE-2022-22150

A memory corruption vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 11.1.0.52543. A specially-crafted PDF document can trigger an exception which is improperly handled, leaving the engine in an invalid state, which can lead to memory corruption and arbitrary...

8.8CVSS7.3AI score0.01795EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 5:54 p.m.10 views

CVE-2019-5131

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader, version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick t...

8.8CVSS7.2AI score0.02422EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 1:46 p.m.6 views

CVE-2020-13557

A use after free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the...

8.8CVSS7.2AI score0.71145EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/02/05 1:42 p.m.8 views

CVE-2020-13547

A type confusion vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger an improper use of an object, resulting in memory corruption and arbitrary code execution. An attacker needs to trick the user to...

8.8CVSS7.3AI score0.02869EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/02/05 12:40 p.m.9 views

CVE-2024-43357

ECMA-262 is the language specification for the scripting language ECMAScript. A problem in the ECMAScript JavaScript specification of async generators, introduced by a May 2021 spec refactor, may lead to mis-implementation in a way that could present as a security vulnerability, such as type...

8.6CVSS6.4AI score0.00656EPSS
Exploits0References1
Rows per page
Query Builder