Nginx 安全漏洞

Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from Nginx, Inc. njs is one of the scripting language components that supports extended NGINX functionality. A security vulnerability exists in Nginx NJS 0.7.5, which stems from a segmentation violation in...

The vulnerability of the njs_array_prototype_sort() function in the njs interpreter of the nginx server allows a hacker to cause a service failure.

The vulnerability of the njsarrayprototypesort function in the njs interpreter of the nginx server is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

Google Patches Actively Exploited Chrome Bug

While people were celebrating the Fourth of July holiday in the United States, Google quietly rolled out a stable channel update for Chrome to patch an actively exploited zero-day vulnerability, the fourth such flaw the vendor has had to patch in its browser product so far this year. Chrome 103...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc. and V8 is an open source JavaScript engine. A security vulnerability exists in Google Chrome that stems from type obfuscation in V8...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to a numerical overflow condition. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

Nginx 资源管理错误漏洞

Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from Nginx, Inc. njs is one of the scripting language components that supports extended NGINX functionality. A security vulnerability exists in Nginx NJS version v0.7.2, which stems from a segmentation violati...

CVE-2022-21122

The package metacalc before 0.0.2 are vulnerable to Arbitrary Code Execution when it exposes JavaScript's Math class to the v8 context. As the Math class is exposed to user-land, it can be used to get access to JavaScript's Function constructor...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to disclose protected information.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to type mixing errors. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information through a specially created web page...

CVE-2022-31748

Mozilla developers Gabriele Svelto, Timothy Nikkel, Randell Jesup, Jon Coppeard, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited ...

Experts Detail New RCE Vulnerability Affecting Google Chrome Dev Channel

Details have emerged about a recently patched critical remote code execution vulnerability in the V8 JavaScript and WebAssembly engine used in Google Chrome and Chromium-based browsers. The issue relates to a case of use-after-free in the instruction optimization component, successful exploitatio...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc. and V8 is an open source JavaScript engine. A security vulnerability exists in Google Chrome, which is caused by a type-obfuscation error in a V8 component. A remote attacker can trick a victim into visiting a specially crafted web page to exploit...

UBUNTU-CVE-2022-30974

compile in regexp.c in Artifex MuJS through 1.2.0 results in stack consumption because of unlimited recursion, a different issue than CVE-2019-11413...

ChakraCore RCE Vulnerability

A remote code execution vulnerability exists in the way JavaScript engines render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235,...

ChakraCore RCE Vulnerability

A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230,...

ChakraCore RCE Vulnerability

A remote code execution vulnerability exists in Microsoft Chakra Core in the way JavaScript engines render when handling objects in memory. aka "Scripting Engine Memory Corruption Vulnerability". This vulnerability is unique from CVE-2017-0223...

GHSA-6P7Q-85QQ-7C43 ChakraCore RCE Vulnerability

A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230,...

ChakraCore RCE Vulnerability

A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230,...

GHSA-P3RW-88PP-W4JH ChakraCore RCE Vulnerability

A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230,...

ChakraCore RCE Vulnerability

A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230,...

GHSA-8V2H-4JPM-3WFM ChakraCore RCE Vulnerability

A remote code execution vulnerability exists in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability"...