Linux Distros Unpatched Vulnerability : CVE-2015-1304

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - object-observe.js in Google V8, as used in Google Chrome before 45.0.2454.101, does not properly restrict method calls on access-checked objects, which allows...

Linux Distros Unpatched Vulnerability : CVE-2017-5071

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows and Mac, and 59.0.3071.92 for Android allowed a remot...

PT-2025-33889

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 139.0.7258.138 Description An out-of-bounds write issue exists in the V8 JavaScript engine. This flaw allows a remote attacker to potentially exploit heap corruption—a condition where memory allocated in the hea...

KLA86790 Multiple vulnerabilities in Mozilla Firefox ESR

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, cause denial of service, spoof user interface. Below is a complete list of vulnerabilities: 1. Memory corruption vulnerability in...

Mozilla多款产品 安全漏洞

Mozilla Firefox and Mozilla Thunderbird are both products of the Mozilla Foundation in the U.S. Mozilla Firefox is an open-source Web browser. Mozilla Thunderbird is a separate set of Mozilla Application Suite Email client software. The program supports IMAP, POP mail protocols, and HTML mail...

Mozilla Firefox ESR < 128.14

The version of Firefox ESR installed on the remote Windows host is prior to 128.14. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-66 advisory. - Memory safety bugs present in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1,...

Linux Distros Unpatched Vulnerability : CVE-2014-7931

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - factory.cc in Google V8, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service memory corruption or possibly have...

Linux Distros Unpatched Vulnerability : CVE-2017-5088

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in V8 in Google Chrome prior to 59.0.3071.104 for Mac, Windows, and Linux, and 59.0.3071.117 for Android, allowed a...

Linux Distros Unpatched Vulnerability : CVE-2016-1679

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ToV8Value function in content/child/v8valueconverterimpl.cc in the V8 bindings in Google Chrome before 51.0.2704.63 does not properly restrict use of getter...

Linux Distros Unpatched Vulnerability : CVE-2016-1653

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The LoadBuffer implementation in Google V8, as used in Google Chrome before 50.0.2661.75, mishandles data types, which allows remote attackers to cause a denial...

Linux Distros Unpatched Vulnerability : CVE-2015-6771

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - js/array.js in Google V8, as used in Google Chrome before 47.0.2526.73, improperly implements certain map and filter operations for arrays, which allows remote...

Linux Distros Unpatched Vulnerability : CVE-2018-6056

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Type confusion could lead to a heap out-of-bounds write in V8 in Google Chrome prior to 64.0.3282.168 allowing a remote attacker to execute arbitrary code insid...

Mozilla Firefox ESR < 140.2

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 140.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-67 advisory. - Memory safety bugs present in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ES...

Mozilla -- Uninitialized memory

[email protected] reports: Uninitialized memory in the JavaScript Engine component...

KLA86791 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Uninitialized memory vulnerability in t...

Mozilla Thunderbird < 142.0

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 142.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-70 advisory. - Memory safety bugs present in Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of...

Security Vulnerabilities fixed in Firefox ESR 140.2 — Mozilla

An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process. Same-origin policy bypass in the Graphics: Canvas2D component. Uninitialized memory ...

Linux Distros Unpatched Vulnerability : CVE-2017-5122

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate use of table size handling in V8 in Google Chrome prior to 61.0.3163.100 for Windows allowed a remote attacker to trigger out-of-bounds access via...

Linux Distros Unpatched Vulnerability : CVE-2017-15399

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use after free in V8 in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Linux Distros Unpatched Vulnerability : CVE-2016-1612

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The LoadIC::UpdateCaches function in ic/ic.cc in Google V8, as used in Google Chrome before 48.0.2564.82, does not ensure receiver compatibility before performi...