CVE-2024-0754

Some WASM source files could have caused a crash when loaded in devtools. This vulnerability affects Firefox 122...

CVE-2024-0745

The WebAudio OscillatorNode object was susceptible to a stack buffer overflow. This could have led to a potentially exploitable crash. This vulnerability affects Firefox 122...

CVE-2024-0746

A Linux user opening the print preview dialog could have caused the browser to crash. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7...

CVE-2024-0751

A malicious devtools extension could have been used to escalate privileges. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7...

AlmaLinux 9 : java-21-openjdk (ALSA-2024:0249)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:0249 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported...

Update your browser: Security fixes for latest Chrome zero-day

News, Security Update your browser: Security fixes for latest Chrome zero-day Share January 18th, 2024 Hi everyone! The latest patches to the Opera, Opera GX, Opera Crypto, and Opera for Android browsers address several recent vulnerabilities, including a zero-day exploit CVE-2024-0519. We...

Important: java-11-amazon-corretto

Issue Overview: A vulnerability that allows an attacker to execute arbitrary java code from the javascript engine even though the option "--no-java" was set. CVE-2024-20918 With carefully crafted custom bytecodes, arbitrary unverified bytecodes could be executed. CVE-2024-20919 Loop optimizations...

Important: java-21-amazon-corretto

Issue Overview: A vulnerability that allows an attacker to execute arbitrary java code from the javascript engine even though the option "--no-java" was set. CVE-2024-20918 With carefully crafted custom bytecodes, arbitrary unverified bytecodes could be executed. CVE-2024-20919 Loop optimizations...

DEBIAN-CVE-2024-0518

Type confusion in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

PT-2024-6073 · Google +4 · Google Chrome +5

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 121.0.6167.139 Description: The issue is related to an out of bounds read in the V8 component of Google Chrome, allowing a remote attacker to potentially access confidential data by using a specially crafted HT...

PT-2024-1166

The vulnerable software is Google Chrome, specifically the V8 JavaScript engine, which is also used in other Chromium-based browsers such as Microsoft Edge, Brave, and Opera. The issue is an out-of-bounds memory access vulnerability that can be exploited by attackers to trigger crashes or execute...

Cesanta MJS 安全漏洞

Cesanta MJS is an embedded JavaScript engine for C/C++ from Cesanta Ireland. A denial of service vulnerability exists in Cesanta MJS version 2.20.0, which is caused by a flaw in the mjs+0x4ec508 component. An attacker could exploit this vulnerability to cause a denial of service...

Cesanta MJS 安全漏洞

Cesanta MJS is an embedded JavaScript engine for C/C++ from Cesanta Ireland. Designed for microcontrollers with limited resources. The main design goals were a small footprint and simple C/C++ interoperability. Cesanta MJS has a denial of service vulnerability that can be exploited by an attacker...

CVE-2023-6859

A use-after-free condition affected TLS socket creation when under memory pressure. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...

CVE-2023-6858

Firefox was susceptible to a heap buffer overflow in nsTextFragment due to insufficient OOM handling. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...

CVE-2023-6871

Under certain conditions, Firefox did not display a warning when a user attempted to navigate to a new protocol handler. This vulnerability affects Firefox 121...

CVE-2023-6866

TypedArrays can be fallible and lacked proper exception handling. This could lead to abuse in other APIs which expect TypedArrays to always succeed. This vulnerability affects Firefox 121...

CVE-2023-6856

The WebGL DrawElementsInstanced method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...

CVE-2023-6873

Memory safety bugs present in Firefox 120. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 121...

SUSE CVE-2023-6702

Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...