Lucene search
K

4509 matches found

UbuntuCve
UbuntuCve
added 2024/09/03 1:15 p.m.5 views

CVE-2024-8383

Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating systems don't have a trusted newsreader...

7.5CVSS7.1AI score0.00637EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2024/09/03 1:15 p.m.3 views

CVE-2024-8386

If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. This vulnerability affects Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2...

6.1CVSS6.8AI score0.00366EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2024/09/03 1:15 p.m.17 views

CVE-2024-8381

A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment. This vulnerability affects Firefox 130, Firefox ESR 128.2, Firefox ESR 115.15, Thunderbird 128.2, and Thunderbird 115.15...

9.8CVSS7.2AI score0.04395EPSS
Exploits1References9
UbuntuCve
UbuntuCve
added 2024/09/03 1:15 p.m.8 views

CVE-2024-8389

Memory safety bugs present in Firefox 129. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 130...

9.8CVSS7.3AI score0.00489EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/09/02 12:0 a.m.5 views

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from an out-of-bounds write vulnerability that stems from an out-of-bounds issue with the V8 component. An attacker can exploit this vulnerability to execute arbitrary code on the system...

8.8CVSS7.8AI score0.00491EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2024/08/22 3:12 a.m.2 views

SUSE CVE-2024-7969

Type Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.1AI score0.00474EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2024/08/22 3:12 a.m.2 views

SUSE CVE-2024-7972

Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.7AI score0.00553EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2024/08/22 3:12 a.m.3 views

SUSE CVE-2024-7974

Insufficient data validation in V8 API in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: Medium...

8.8CVSS7.1AI score0.0046EPSS
Exploits0References5
OSV
OSV
added 2024/08/21 9:15 p.m.1 views

DEBIAN-CVE-2024-7971

Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page. Chromium security severity: High...

9.6CVSS8.2AI score0.19272EPSS
Exploits2References1
OSV
OSV
added 2024/08/21 9:15 p.m.2 views

DEBIAN-CVE-2024-7965

Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.5AI score0.17227EPSS
Exploits2References1
CNNVD
CNNVD
added 2024/08/21 12:0 a.m.5 views

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc.V8 is an open source JavaScript engine, and Autofill is an autofill form plugin. A security vulnerability exists in Google Chrome version 128.0.6613.84 and prior versions, which stems from a reuse-after-release issue that contains a...

8.8CVSS8.6AI score0.0056EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/08/21 12:0 a.m.14 views

PT-2024-6164 · Google +4 · Google Chrome +5

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 128.0.6613.84 Description: The vulnerability is an inappropriate implementation bug in the V8 JavaScript and WebAssembly engine, which could allow a remote attacker to potentially exploit heap corruption via a...

10CVSS7.3AI score0.19272EPSS
Exploits61References617
Positive Technologies
Positive Technologies
added 2024/08/18 12:0 a.m.7 views

PT-2024-5917 · Google +4 · Google Chrome +5

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 128.0.6613.113 Description: The issue is related to a type confusion in the V8 JavaScript engine of Google Chrome, which could allow a remote attacker to potentially exploit heap corruption via a crafted HTML...

9.6CVSS8.4AI score0.19272EPSS
Exploits27References264
SUSE CVE
SUSE CVE
added 2024/08/17 1:53 a.m.1 views

SUSE CVE-2024-36461

Within Zabbix, users have the ability to directly modify memory pointers in the JavaScript engine...

9.1CVSS7AI score0.00755EPSS
Exploits0References5
NVD
NVD
added 2024/08/15 9:15 p.m.34 views

CVE-2024-43367

Boa is an embeddable and experimental Javascript engine written in Rust. Starting in version 0.16 and prior to version 0.19.0, a wrong assumption made when handling ECMAScript's AsyncGenerator operations can cause an uncaught exception on certain scripts. Boa's implementation of AsyncGenerator...

7.5CVSS0.00597EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/08/15 8:38 p.m.42 views

CVE-2024-43367 Boa has an uncaught exception when transitioning the state of `AsyncGenerator` objects

Boa is an embeddable and experimental Javascript engine written in Rust. Starting in version 0.16 and prior to version 0.19.0, a wrong assumption made when handling ECMAScript's AsyncGenerator operations can cause an uncaught exception on certain scripts. Boa's implementation of AsyncGenerator...

7.5CVSS0.00597EPSS
Exploits0References3
NVD
NVD
added 2024/08/15 7:15 p.m.42 views

CVE-2024-43357

ECMA-262 is the language specification for the scripting language ECMAScript. A problem in the ECMAScript JavaScript specification of async generators, introduced by a May 2021 spec refactor, may lead to mis-implementation in a way that could present as a security vulnerability, such as type...

8.6CVSS0.00601EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2024/08/15 6:36 p.m.33 views

CVE-2024-43357 JavaScript specification issue may lead to type confusion and pointer dereference in implementations

ECMA-262 is the language specification for the scripting language ECMAScript. A problem in the ECMAScript JavaScript specification of async generators, introduced by a May 2021 spec refactor, may lead to mis-implementation in a way that could present as a security vulnerability, such as type...

8.6CVSS8.4AI score0.00601EPSS
Exploits0References10
Cvelist
Cvelist
added 2024/08/15 6:36 p.m.47 views

CVE-2024-43357 JavaScript specification issue may lead to type confusion and pointer dereference in implementations

ECMA-262 is the language specification for the scripting language ECMAScript. A problem in the ECMAScript JavaScript specification of async generators, introduced by a May 2021 spec refactor, may lead to mis-implementation in a way that could present as a security vulnerability, such as type...

8.6CVSS0.00601EPSS
Exploits0References10
AlpineLinux
AlpineLinux
added 2024/08/12 1:38 p.m.29 views

CVE-2024-36461

Within Zabbix, users have the ability to directly modify memory pointers in the JavaScript engine...

9.1CVSS7.2AI score0.00755EPSS
Exploits0
Rows per page
Query Builder