Linux Distros Unpatched Vulnerability : CVE-2013-6650

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The StoreBuffer::ExemptPopularPages function in store-buffer.cc in Google V8 before 3.22.24.16, as used in Google Chrome before 32.0.1700.102, allows remote...

Linux Distros Unpatched Vulnerability : CVE-2013-6668

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple unspecified vulnerabilities in Google V8 before 3.24.35.10, as used in Google Chrome before 33.0.1750.146, allow attackers to cause a denial of service...

Microsoft Edge (Chromium) < 139.0.3405.102 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 139.0.3405.102. It is, therefore, affected by multiple vulnerabilities as referenced in the August 15, 2025 advisory. - Out of bounds write in ANGLE in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to...

CVE-2025-8033

The JavaScript engine did not handle closed generators correctly and it was possible to resume them leading to a nullptr deref. This vulnerability affects Firefox 141, Firefox ESR 115.26, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1...

CVE-2025-8033 Incorrect JavaScript state machine for generators

The JavaScript engine did not handle closed generators correctly and it was possible to resume them leading to a nullptr deref. This vulnerability was fixed in Firefox 141, Firefox ESR 115.26, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1...

CVE-2025-8033

The CVE-2025-8033 issue is a memory-safety bug in Mozilla’s JavaScript engine where closing generators could be resumed, causing a null pointer dereference. Affected products include Firefox and Thunderbird forks across multiple release lines (Firefox &lt; 141, ESR tracks &lt;115.26, &lt;128.13, ...

Adobe Dreamweaver V8 Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Dreamweaver. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JavaScript...

CVE-2021-40420

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 11.1.0.52543. A specially-crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user to open the...

Update your browser: Security fixes for latest Chrome zero-day

News, Security Update your browser: Security fixes for latest Chrome zero-day Share January 18th, 2024 Hi everyone! The latest patches to the Opera, Opera GX, Opera Crypto, and Opera for Android browsers address several recent vulnerabilities, including a zero-day exploit CVE-2024-0519. We...

Unspecified Vulnerability in JerryScript (CNVD-2021-42986)

JerryScript is a lightweight JavaScript engine . A security vulnerability exists in parserparseexpression in js-parser-expr.c:3565 in JerryScript version 2.2.0. No details of the vulnerability are provided at this time...

UBUNTU-CVE-2020-16006

Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine, related to the execution of operations beyond the buffer in memory, allows attackers to trigger a service failure.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to incorrect implementation of the engine. Exploiting this vulnerability can allow a malicious actor to cause service failures...

chromium-browser: Out of bounds read in V8

Use after free in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

The vulnerability in the JavaScript engine of Internet Explorer and Microsoft Edge allows a hacker to execute arbitrary code.

The vulnerability in the JavaScript engine of Internet Explorer and Microsoft Edge is related to improper data processing. Exploiting this vulnerability allows a malicious actor to execute arbitrary code under the identity of the current user, during errors in data processing in memory using...

chromium-browser: heap overflow in v8

objects.cc in Google V8 before 5.0.71.32, as used in Google Chrome before 51.0.2704.63, does not properly restrict lazy deoptimization, which allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via crafted JavaScript code...

Google Chrome Denial of Service Vulnerability (CNVD-2015-08299)

Google Chrome is a web browser developed by Google Inc. A security vulnerability exists in Google Chrome versions prior to 47.0.2526.73 and Google V8 versions prior to 4.7.80.23, which can be exploited by attackers to cause a denial of service...

UBUNTU-CVE-2015-8478

Multiple unspecified vulnerabilities in Google V8 before 4.7.80.23, as used in Google Chrome before 47.0.2526.73, allow attackers to cause a denial of service or possibly have other impact via unknown vectors...

openSUSE 10 Security Update : seamonkey (seamonkey-2250)

This security update brings Mozilla SeaMonkey to version 1.0.6. Please also see http://www.mozilla.org/projects/security/known-vulnerabilities.html for more details. It includes fixes to the following security problems: MFSA2006-65: Is split into 3 sub-entries, for ongoing stability improvements ...

CVE-2007-0777

The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via certain vectors that trigger memory corruption...

CVE-2006-1742

The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly handle temporary variables that are not garbage collected, which might allow remote attackers to trigger operations on freed memo...