Unspecified Vulnerability in JerryScript (CNVD-2021-42986)

JerryScript is a lightweight JavaScript engine . A security vulnerability exists in parserparseexpression in js-parser-expr.c:3565 in JerryScript version 2.2.0. No details of the vulnerability are provided at this time...

Unspecified vulnerability in JerryScript (CNVD-2021-42987)

JerryScript is a lightweight JavaScript engine . A security vulnerability exists in parserparsestatements in js-parser-statm.c:2756 in JerryScript version 2.2.0. No details of the vulnerability are provided at this time...

New Chrome 0-Day Bug Under Active Attacks – Update Your Browser ASAP!

Attention readers, if you are using Google Chrome browser on your Windows, Mac, or Linux computers, you need to update it immediately to the latest version Google released earlier today. The internet services company has rolled out an urgent update to the browser to address 14 newly discovered...

DEBIAN-CVE-2021-30536

Out of bounds read in V8 in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page...

DEBIAN-CVE-2021-30517

Type confusion in V8 in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

DEBIAN-CVE-2021-30513

Type confusion in V8 in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2021-29961

When styling and rendering an oversized element, Firefox did not apply correct clipping which allowed an attacker to paint over the user interface. This vulnerability affects Firefox 89...

Cesanta MJS stack overflow vulnerability (CNVD-2021-38653)

Cesanta MJS is an embedded JavaScript engine for C/C++, designed for microcontrollers with limited resources. A stack overflow vulnerability exists in parseequality in Cesanta MJS version 1.20.1. An attacker can exploit this vulnerability via specially crafted files to cause a denial of service...

Cesanta MJS Stack Overflow Vulnerability (CNVD-2021-38649)

Cesanta MJS is an embedded JavaScript engine for C/C++, designed for microcontrollers with limited resources. A stack overflow vulnerability exists in parsemuldivrem in Cesanta MJS version 1.20.1. An attacker can exploit this vulnerability via specially crafted files to cause a denial of service...

Cesanta MJS 缓冲区错误漏洞

Cesanta MJS is an embedded JavaScript engine for C/C++, designed for resource-constrained microcontrollers. A stack overflow vulnerability exists in parsestatementlist in Cesanta MJS version 1.20.1. An attacker can exploit this vulnerability via a specially crafted file to cause a denial of servi...

Cesanta MJS 缓冲区错误漏洞

Cesanta MJS is an embedded JavaScript engine for C/C++ from Cesanta Ireland. It is designed for microcontrollers with limited resources. The main design goals are a small footprint and simple C/C++ interoperability. A stack overflow vulnerability exists in parsearray in Cesanta MJS version 1.20.1...

Cesanta MJS 缓冲区错误漏洞

Cesanta MJS is an embedded JavaScript engine for C/C++, designed for microcontrollers with limited resources. A stack overflow vulnerability exists in parsestatement in Cesanta MJS version 1.20.1. An attacker can exploit this vulnerability via specially crafted files to cause a denial of service...

Cesanta MJS 缓冲区错误漏洞

Cesanta MJS is an embedded JavaScript engine for C/C++, designed for resource-constrained microcontrollers. A stack overflow vulnerability exists in parseunary in Cesanta MJS version 1.20.1. An attacker can exploit this vulnerability via specially crafted files to cause a denial of service...

Cesanta MJS 缓冲区错误漏洞

Cesanta MJS is an embedded JavaScript engine for C/C++, designed for microcontrollers with limited resources. A stack overflow vulnerability exists in parsevalue in Cesanta MJS version 1.20.1. An attacker can exploit this vulnerability via specially crafted files to cause a denial of service...

CVE-2021-21822

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously free memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening a...

CVE-2021-21822

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously free memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening a...

Design/Logic Flaw

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously free memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening a...

CVE-2021-21822

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously free memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening a...

CVE-2021-21822

CVE-2021-21822 is a use-after-free in Foxit Software’s PDF Reader JavaScript engine (notably around Foxit Reader/PhantomPDF, versions including 10.1.3.37598). A specially crafted PDF can reuse freed memory, enabling arbitrary code execution when the user opens a malicious file or site with the br...

USN-4939-1: WebKitGTK vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...