CVE-2021-29961

When styling and rendering an oversized element, Firefox did not apply correct clipping which allowed an attacker to paint over the user interface. This vulnerability affects Firefox 89...

Cesanta MJS Stack Overflow Vulnerability (CNVD-2021-38649)

Cesanta MJS is an embedded JavaScript engine for C/C++, designed for microcontrollers with limited resources. A stack overflow vulnerability exists in parsemuldivrem in Cesanta MJS version 1.20.1. An attacker can exploit this vulnerability via specially crafted files to cause a denial of service...

Cesanta MJS stack overflow vulnerability (CNVD-2021-38653)

Cesanta MJS is an embedded JavaScript engine for C/C++, designed for microcontrollers with limited resources. A stack overflow vulnerability exists in parseequality in Cesanta MJS version 1.20.1. An attacker can exploit this vulnerability via specially crafted files to cause a denial of service...

Cesanta MJS 缓冲区错误漏洞

Cesanta MJS is an embedded JavaScript engine for C/C++ from Cesanta Ireland. It is designed for microcontrollers with limited resources. The main design goals are a small footprint and simple C/C++ interoperability. A stack overflow vulnerability exists in parsearray in Cesanta MJS version 1.20.1...

Cesanta MJS 缓冲区错误漏洞

Cesanta MJS is an embedded JavaScript engine for C/C++, designed for microcontrollers with limited resources. A stack overflow vulnerability exists in parsestatement in Cesanta MJS version 1.20.1. An attacker can exploit this vulnerability via specially crafted files to cause a denial of service...

Cesanta MJS 缓冲区错误漏洞

Cesanta MJS is an embedded JavaScript engine for C/C++, designed for resource-constrained microcontrollers. A stack overflow vulnerability exists in parsestatementlist in Cesanta MJS version 1.20.1. An attacker can exploit this vulnerability via a specially crafted file to cause a denial of servi...

Cesanta MJS 缓冲区错误漏洞

Cesanta MJS is an embedded JavaScript engine for C/C++, designed for microcontrollers with limited resources. A stack overflow vulnerability exists in parsevalue in Cesanta MJS version 1.20.1. An attacker can exploit this vulnerability via specially crafted files to cause a denial of service...

Cesanta MJS 缓冲区错误漏洞

Cesanta MJS is an embedded JavaScript engine for C/C++, designed for resource-constrained microcontrollers. A stack overflow vulnerability exists in parseunary in Cesanta MJS version 1.20.1. An attacker can exploit this vulnerability via specially crafted files to cause a denial of service...

CVE-2021-21822

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously free memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening a...

CVE-2021-21822

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously free memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening a...

Design/Logic Flaw

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously free memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening a...

CVE-2021-21822

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously free memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening a...

CVE-2021-21822

CVE-2021-21822 is a use-after-free in Foxit Software’s PDF Reader JavaScript engine (notably around Foxit Reader/PhantomPDF, versions including 10.1.3.37598). A specially crafted PDF can reuse freed memory, enabling arbitrary code execution when the user opens a malicious file or site with the br...

USN-4939-1: WebKitGTK vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

Google Chrome 安全漏洞

Google Chromium is an open source web browser from Google USA. A security vulnerability previously existed in Google Chromium version 90.0.4430.212. The vulnerability stems from a type obfuscation security issue found in the V8 component of the program. No details of the vulnerability are provide...

Foxit Reader FileAttachment annotation use-after-free vulnerability

Summary A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously free memory, which can lead to arbitrary code execution. An attacker needs to trick the user into openi...

DEBIAN-CVE-2021-21231

Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

UBUNTU-CVE-2021-21231

Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

DEBIAN-CVE-2021-21225

Out of bounds memory access in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

UBUNTU-CVE-2021-21222

Heap buffer overflow in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page...