Lucene search
K

348 matches found

CVE
CVE
added 2026/04/02 11:40 a.m.18 views

CVE-2026-23417

CVE-2026-23417 affects the Linux kernel BPF component where PROBE_MEM32 immediate stores (BPF_ST|BPF_PROBE_MEM32) were not blinded by the JIT constant-blinding path. The root cause is that convert_ctx_accesses() rewrites BPF_ST|BPF_MEM to BPF_ST|BPF_PROBE_MEM32 during verification, but the blindi...

5.5CVSS5.8AI score0.00116EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2026/04/01 9:40 a.m.8 views

firefox: thunderbird: JIT miscompilation in the JavaScript Engine component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine component...

9.8CVSS7.1AI score0.00474EPSS
Exploits0References6
Fedora
Fedora
added 2026/03/30 12:17 a.m.6 views

[SECURITY] Fedora 44 Update: pypy3.11-7.3.21-3.3.11.fc44

PyPy's implementation of Python 3.11, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types strings, dictionaries, etc.. This build of PyPy has JIT-compilation enabled...

9.8CVSS7.3AI score0.16903EPSS
Exploits3
Fedora
Fedora
added 2026/03/29 12:50 a.m.6 views

[SECURITY] Fedora 43 Update: pypy-7.3.21-3.fc43

PyPy's implementation of Python, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types strings, dictionaries, etc This build of PyPy has JIT-compilation enabled...

9.8CVSS7.3AI score0.16903EPSS
Exploits3
Fedora
Fedora
added 2026/03/29 12:18 a.m.5 views

[SECURITY] Fedora 44 Update: pypy3.10-7.3.19-11.3.10.fc44

PyPy's implementation of Python 3.10, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types strings, dictionaries, etc.. This build of PyPy has JIT-compilation enabled...

9.8CVSS7.3AI score0.16903EPSS
Exploits3
Fedora
Fedora
added 2026/03/29 12:18 a.m.6 views

[SECURITY] Fedora 44 Update: pypy-7.3.21-3.fc44

PyPy's implementation of Python, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types strings, dictionaries, etc This build of PyPy has JIT-compilation enabled...

9.8CVSS7.3AI score0.16903EPSS
Exploits3
RedHat Linux
RedHat Linux
added 2026/03/26 11:37 a.m.2 views

firefox: thunderbird: JIT miscompilation in the JavaScript Engine component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine component...

9.8CVSS7.2AI score0.00474EPSS
Exploits0References6
NVD
NVD
added 2026/03/25 11:16 a.m.7 views

CVE-2026-23383

In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Force 8-byte alignment for JIT buffer to prevent atomic tearing struct bpfplt contains a u64 target field. Currently, the BPF JIT allocator requests an alignment of 4 bytes sizeofu32 for the JIT buffer. Because the ba...

7.8CVSS0.00129EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from insufficient alignment of the JIT buffer, potentially leading to atomic tear...

7.8CVSS7AI score0.00129EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/24 12:30 p.m.7 views

CVE-2026-4702 JIT miscompilation in the JavaScript Engine component

JIT miscompilation in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

7.2AI score0.00474EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/24 12:30 p.m.8 views

CVE-2026-4702

JIT miscompilation in the JavaScript Engine component. This vulnerability affects Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

9.8CVSS5.8AI score0.00474EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/03/18 6:16 p.m.6 views

CVE-2025-71270

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Enable exception fixup for specific ADE subcode This patch allows the LoongArch BPF JIT to handle recoverable memory access errors generated by BPFPROBEMEM instructions. When a BPF program performs memory access...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References7
CNVD
CNVD
added 2026/03/11 12:0 a.m.5 views

Information Disclosure Vulnerability in Multiple Mozilla Products (CNVD-2026-13443)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An information disclosure vulnerability exists in several Mozilla produc...

7.5CVSS5.8AI score0.00285EPSS
Exploits0References1
NVD
NVD
added 2026/03/10 6:18 p.m.15 views

CVE-2026-30960

rssn is a scientific computing library for Rust, combining a high-performance symbolic computation engine with numerical methods support and physics simulations functionalities. The vulnerability exists in the JIT Just-In-Time compilation engine, which is fully exposed via the CFFI Foreign Functi...

9.4CVSS0.0021EPSS
Exploits0References3
CVE
CVE
added 2026/03/10 5:11 p.m.18 views

CVE-2026-30960

The CVE entry CVE-2026-30960 has a connected advisory GHSA-9C4H-PWMF-M6FJ describing an Arbitrary Code Execution in RSSN via the JIT compilation engine exposed through the CFFI interface. The vulnerability stems from improper input validation and external control of code generation, enabling an a...

9.4CVSS5.9AI score0.0021EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/10 5:11 p.m.7 views

EUVD-2026-10704

rssn is a scientific computing library for Rust, combining a high-performance symbolic computation engine with numerical methods support and physics simulations functionalities. The vulnerability exists in the JIT Just-In-Time compilation engine, which is fully exposed via the CFFI Foreign Functi...

9.4CVSS5.9AI score0.0021EPSS
Exploits0References3
OSV
OSV
added 2026/03/10 1:19 a.m.3 views

GHSA-9C4H-PWMF-M6FJ RSSN has Arbitrary Code Execution via Unvalidated JIT Instruction Generation in C-FFI Interface

Impact Vulnerability Type: Improper Control of Generation of Code 'Code Injection' CWE-94 / Improper Check for Unusual or Exceptional Conditions CWE-754 / Improper Input Validation CWE-20 / Use of Low-Level Functionality CWE-695 / Improper Privilege Management CWE-269 / External Control of System...

9.4CVSS5.9AI score0.0021EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.10 views

rssn 代码问题漏洞

rssn is a high-performance Rust scientific computing library open source by Apich Organization. rssn has code vulnerabilities, which stem from improper input validation in the JIT compilation engine, potentially allowing arbitrary code execution...

9.4CVSS6.1AI score0.0021EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/03/02 10:59 a.m.10 views

firefox: thunderbird: JIT miscompilation, use-after-free in the JavaScript Engine: JIT component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation, use-after-free in the JavaScript Engine: JIT component...

9.8CVSS5.7AI score0.00469EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/03/02 6:15 a.m.5 views

firefox: thunderbird: Use-after-free in the JavaScript Engine: JIT component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the JavaScript Engine: JIT component...

9.8CVSS5.7AI score0.00469EPSS
Exploits0References6
Rows per page
Query Builder