349 matches found
CVE-2024-1248
The silent Just-In-Time JIT provisioning feature in federated authentication implementations fails to properly segregate user roles during account creation when a federated user shares a username with a local user. This allows the provisioning process to overwrite existing roles of local users wi...
EUVD-2024-55648
The silent Just-In-Time JIT provisioning feature in federated authentication implementations fails to properly segregate user roles during account creation when a federated user shares a username with a local user. This allows the provisioning process to overwrite existing roles of local users wi...
firefox: thunderbird: JIT miscompilation in the DOM: Core & HTML component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the DOM: Core & HTML component...
CVE-2026-53110
A flaw was found in the Linux kernel's BPF Berkeley Packet Filter JIT Just-In-Time compiler for the s390x architecture. The system's Application Binary Interface ABI requires that unsigned arguments and return values be zero-extended. However, the BPF JIT compiler incorrectly performed only sign...
Linux Distros Unpatched Vulnerability : CVE-2026-53036
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf, arm64: Fix off-by-one in checkimm signed range check checkimmbits, imm is used in the arm64 BPF JIT to verify that a branch displacement in arm64 instructi...
EUVD-2026-38904
In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Fix off-by-one in checkimm signed range check checkimmbits, imm is used in the arm64 BPF JIT to verify that a branch displacement in arm64 instruction units fits into the signed N-bit immediate field of a B, B.cond or...
Astra Linux – Vulnerability in Firefox and Thunderbird
Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...
Astra Linux – Vulnerability in Firefox and Thunderbird
JIT compilation errors, use-after-free in the JavaScript Engine: JIT components. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...
Oracle Linux 9 : webkit2gtk3 (ELSA-2026-19206)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-19206 advisory. 2.52.3-1 - Update to 2.52.3 2.50.4-1 - Update to 2.50.4 2.50.3-1 - Update to 2.50.3 2.50.1-1 - Update to 2.50.1 2.50.0-1 - Update to 2.50.0 2.48.5-1 -...
firefox: thunderbird: JIT miscompilation in the DOM: Core & HTML component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the DOM: Core & HTML component...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix for constant blinding in PROBEMEM32 stores The immediate stores of BPFST|BPFMEM32 are not handled by bpfjitblindinsn. This allows user-controlled 32-bit immediate values to survive blinding and be included in JIT-compile...
Astra Linux – Vulnerability in Firefox
In some cases, JIT-compiled code might have dereferenced a wild pointer value. This could lead to a exploitable crash. This vulnerability affects Firefox versions earlier than 122...
Astra Linux – Vulnerability in Firefox
In certain cases, JIT incorrectly optimized MSubstr operations, resulting in out-of-bounds reads. This vulnerability affects Firefox versions less than 125...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: riscv, bpf: Fixed potential NULL dereferencing. The bpfjitbinaryfree function requires a non-NULL argument. When the RISC-V BPF JIT fails to converge within NRJITITERATIONS steps, jitdata-header will be NULL, triggering a NULL...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid bpfprogret0warn when JIT fails Syzkaller reported an issue: WARNING: CPU: 3 PID: 217 at kernel/bpf/core.c:2357 bpfprogret0warn+0xa/0x20 kernel/bpf/core.c:2357 Linked modules: CPU: 3 UID: 0 PID: 217 Comm: kworker/u32:6...
Astra Linux – Vulnerability in Firefox and Thunderbird
Sometimes, when invalidating JIT code while using an iterator, the newly generated code might be incorrectly overwritten. This could lead to a potentially exploitable crash. This vulnerability affects Firefox 111, Firefox ESR 102.9, and Thunderbird 102.9...
firefox: thunderbird: Incorrect boundary conditions in the JavaScript Engine: JIT component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the JavaScript Engine: JIT component...
firefox: thunderbird: Incorrect boundary conditions in the JavaScript Engine: JIT component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the JavaScript Engine: JIT component...
firefox: thunderbird: Incorrect boundary conditions in the JavaScript Engine: JIT component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the JavaScript Engine: JIT component...
CVE-2026-12321 JIT miscompilation in the JavaScript: WebAssembly component
JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...