Lucene search
K

4509 matches found

UbuntuCve
UbuntuCve
added 2024/11/26 12:0 a.m.10 views

CVE-2024-11696

The application failed to account for exceptions thrown by the loadManifestFromFile method during add-on signature verification. This flaw, triggered by an invalid or unsupported extension manifest, could have caused runtime errors that disrupted the signature validation process. As a result, the...

5.4CVSS6.8AI score0.00347EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2024/11/26 12:0 a.m.7 views

CVE-2024-11702

Copying sensitive information from Private Browsing tabs on Android, such as passwords, may have inadvertently stored data in the cloud-based clipboard history if enabled. This vulnerability affects Firefox 133 and Thunderbird 133...

7.5CVSS6.6AI score0.00538EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2024/11/26 12:0 a.m.4 views

CVE-2024-11701

The incorrect domain may have been displayed in the address bar during an interrupted navigation attempt. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox 133 and Thunderbird 133...

4.3CVSS5.9AI score0.00401EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2024/11/26 12:0 a.m.9 views

CVE-2024-11706

A null pointer dereference may have inadvertently occurred in pk12util, and specifically in the SECASN1DecodeItemUtil function, when handling malformed or improperly formatted input files. This vulnerability affects Firefox 133 and Thunderbird 133...

6.5CVSS6.4AI score0.0047EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2024/11/26 12:0 a.m.10 views

CVE-2024-11700

Malicious websites may have been able to perform user intent confirmation through tapjacking. This could have led to users unknowingly approving the launch of external applications, potentially exposing them to underlying vulnerabilities. This vulnerability affects Firefox 133 and Thunderbird 133...

8.1CVSS6.7AI score0.00488EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2024/11/26 12:0 a.m.11 views

CVE-2024-53976

Under certain circumstances, navigating to a webpage would result in the address missing from the location URL bar, making it unclear what the URL was for the loaded webpage. This vulnerability affects Firefox for iOS 133...

5.4CVSS5.9AI score0.00294EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2024/11/26 12:0 a.m.8 views

CVE-2024-11697

When handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation dialog. This could have led to malicious code execution. This vulnerability affects Firefox 133, Firefox ESR 128.5, Thunderbird 133, and Thunderbird 128.5...

8.8CVSS6.8AI score0.00762EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2024/11/26 12:0 a.m.10 views

CVE-2024-11705

NSCDeriveKey inadvertently assumed that the phKey parameter is always non-NULL. When it was passed as NULL, a segmentation fault SEGV occurred, leading to crashes. This behavior conflicted with the PKCS11 v3.0 specification, which allows phKey to be NULL for certain mechanisms. This vulnerability...

9.1CVSS6.8AI score0.00659EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.5 views

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to type mixing errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8AI score0.00355EPSS
Exploits0References10Affected Software4
AstraLinux
AstraLinux
added 2024/11/23 3:4 a.m.3 views

Astra Linux – Vulnerability in Chromium

Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS8.2AI score0.00489EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/11/22 12:0 a.m.4 views

PT-2024-41125 · Git · V8

Outdated dependency on V8 found see policy. Please update to the latest beta, stable, or extended stable versions...

7.2AI score
Exploits0References1
OSV
OSV
added 2024/11/19 8:15 p.m.1 views

DEBIAN-CVE-2024-11395

Type Confusion in V8 in Google Chrome prior to 131.0.6778.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS8.2AI score0.00355EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/19 12:0 a.m.2 views

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a code execution vulnerability that is caused by type confusion in V8. An attacker can exploit the vulnerability to execute arbitrary code on the system...

8.8CVSS8AI score0.00355EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/11/07 12:0 a.m.4 views

The vulnerability of the JavaScript engine in the Firefox web browser, related to memory usage after it is freed, allows attackers to gain access to confidential data.

The vulnerability of the JavaScript engine in the Firefox web browser is related to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to gain access to confidential data...

7.8CVSS7.4AI score0.0047EPSS
Exploits0References7Affected Software3
UbuntuCve
UbuntuCve
added 2024/11/06 9:15 p.m.10 views

CVE-2024-10941

A malicious website could have included an iframe with an malformed URI resulting in a non-exploitable browser crash. This vulnerability affects Firefox 126...

6.5CVSS6.1AI score0.00389EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2024/10/29 12:0 a.m.6 views

CVE-2024-10463

Video frames could have been leaked between origins in some situations. This vulnerability affects Firefox 132, Firefox ESR 128.4, Firefox ESR 115.17, Thunderbird 128.4, and Thunderbird 132...

7.5CVSS6.8AI score0.00701EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2024/10/29 12:0 a.m.6 views

CVE-2024-10458

A permission leak could have occurred from a trusted site to an untrusted site via embed or object elements. This vulnerability affects Firefox 132, Firefox ESR 128.4, Firefox ESR 115.17, Thunderbird 128.4, and Thunderbird 132...

7.5CVSS6.8AI score0.00611EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2024/10/29 12:0 a.m.11 views

CVE-2024-10468

Potential race conditions in IndexedDB could have caused memory corruption, leading to a potentially exploitable crash. This vulnerability affects Firefox 132 and Thunderbird 132...

9.8CVSS6.1AI score0.00399EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2024/10/29 12:0 a.m.13 views

CVE-2024-10459

An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash. This vulnerability affects Firefox 132, Firefox ESR 128.4, Firefox ESR 115.17, Thunderbird 128.4, and Thunderbird 132...

7.5CVSS6.9AI score0.00597EPSS
Exploits0References8
CNVD
CNVD
added 2024/10/25 12:0 a.m.8 views

Google Chrome Code Execution Vulnerability (CNVD-2025-00213)

Google Chrome is a web browser of Google Google, U.S. V8 is one of the open source JavaScript engine. A code execution vulnerability exists in Google Chrome, which is caused by type obfuscation in V8. An attacker can exploit the vulnerability to execute arbitrary code on the system...

8.8CVSS7.3AI score0.00628EPSS
Exploits0References1
Rows per page
Query Builder