Lucene search
K

25 matches found

CVE
CVE
added yesterday7 views

CVE-2026-58592

Vulnerability summary (CVE-2026-58592, Ladybird): A dangling-reference memory-safety flaw in Ladybird’s WebAssembly ESM integration loader. When a JavaScript function is imported into a WebAssembly module via the ESM path, WebAssemblyModule.cpp passes a stack-local Wasm::FunctionType by reference...

8.9CVSS6.4AI score
Exploits0References3
EUVD
EUVD
added yesterday4 views

EUVD-2026-41130

Ladybird contains a dangling-reference memory-safety flaw in its WebAssembly ESM-integration module loader. When a JavaScript function is imported into a WebAssembly module via the ESM path, WebAssemblyModule.cpp passes a stack-local Wasm::FunctionType by reference to createhostfunction, whose ho...

8.9CVSS6.4AI score
Exploits0References3
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-58592

Ladybird contains a dangling-reference memory-safety flaw in its WebAssembly ESM-integration module loader. When a JavaScript function is imported into a WebAssembly module via the ESM path, WebAssemblyModule.cpp passes a stack-local Wasm::FunctionType by reference to createhostfunction, whose ho...

8.9CVSS6.4AI score
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-14653

Malicious code in bioql PyPI...

9CVSS6.5AI score0.00592EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 10:41 a.m.6 views

CVE-2024-46482

An arbitrary file upload vulnerability in the Ticket Generation function of Ladybird Web Solution Faveo-Helpdesk v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .html or .svg file...

8.2CVSS7.9AI score0.00348EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:6 a.m.5 views

CVE-2024-51377

An issue in Ladybird Web Solution Faveo Helpdesk & Servicedesk On-Premise and Cloud 9.2.0 allows a remote attacker to execute arbitrary code via the Subject and Identifier fields...

8.8CVSS8AI score0.00448EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/03 1:15 a.m.12 views

CVE-2025-47154

LibJS in Ladybird before f5a6704 mishandles the freeing of the vector that argumentslist references, leading to a use-after-free, and allowing remote attackers to execute arbitrary code via a crafted .js file. NOTE: the GitHub README says "Ladybird is in a pre-alpha state, and only suitable for u...

9CVSS8.2AI score0.00592EPSS
Exploits0References1
NVD
NVD
added 2025/05/01 8:15 a.m.14 views

CVE-2025-47154

LibJS in Ladybird before f5a6704 mishandles the freeing of the vector that argumentslist references, leading to a use-after-free, and allowing remote attackers to execute arbitrary code via a crafted .js file. NOTE: the GitHub README says "Ladybird is in a pre-alpha state, and only suitable for u...

9CVSS0.00592EPSS
Exploits0References3
OSV
OSV
added 2025/05/01 8:15 a.m.6 views

CVE-2025-47154

LibJS in Ladybird before f5a6704 mishandles the freeing of the vector that argumentslist references, leading to a use-after-free, and allowing remote attackers to execute arbitrary code via a crafted .js file. NOTE: the GitHub README says "Ladybird is in a pre-alpha state, and only suitable for u...

9CVSS7.8AI score
Exploits0References3
CNNVD
CNNVD
added 2025/05/01 12:0 a.m.3 views

Ladybird 安全漏洞

Ladybird is a truly standalone web browser from Ladybird Open Source. A security vulnerability exists in versions prior to Ladybird f5a6704, which stems from improper release of vectors referenced by argumentslist, which could lead to post-release reuse and arbitrary code execution...

9CVSS7.3AI score0.00592EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/05/01 12:0 a.m.11 views

CVE-2025-47154

LibJS in Ladybird before f5a6704 mishandles the freeing of the vector that argumentslist references, leading to a use-after-free, and allowing remote attackers to execute arbitrary code via a crafted .js file. NOTE: the GitHub README says "Ladybird is in a pre-alpha state, and only suitable for u...

9CVSS0.00592EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/05/01 12:0 a.m.6 views

CVE-2025-47154

LibJS in Ladybird before f5a6704 mishandles the freeing of the vector that argumentslist references, leading to a use-after-free, and allowing remote attackers to execute arbitrary code via a crafted .js file. NOTE: the GitHub README says "Ladybird is in a pre-alpha state, and only suitable for u...

9CVSS8.2AI score0.00592EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/05/01 12:0 a.m.5 views

PT-2025-18373 · Ladybird · Ladybird

Name of the Vulnerable Software and Affected Versions: Ladybird versions prior to f5a6704 Description: The issue is related to a use-after-free vulnerability in LibJS, which is part of the Ladybird browser engine. This vulnerability allows remote attackers to execute arbitrary code via a crafted...

9CVSS7.8AI score0.00592EPSS
Exploits0References20
CVE
CVE
added 2025/05/01 12:0 a.m.147 views

CVE-2025-47154

CVE-2025-47154 affects the LibJS component of the Ladybird browser, specifically versions prior to f5a6704. The root cause is improper freeing of the vector referenced by arguments_list, causing a use-after-free. This can allow remote attackers to execute arbitrary code by feeding a crafted .js f...

9CVSS9.3AI score0.00592EPSS
Exploits0References3
OSV
OSV
added 2024/11/01 4:15 p.m.2 views

CVE-2024-51377

An issue in Ladybird Web Solution Faveo Helpdesk & Servicedesk On-Premise and Cloud 9.2.0 allows a remote attacker to execute arbitrary code via the Subject and Identifier fields...

5.4CVSS6.1AI score0.00448EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/11/01 12:0 a.m.22 views

CVE-2024-51377

An issue in Ladybird Web Solution Faveo Helpdesk & Servicedesk On-Premise and Cloud 9.2.0 allows a remote attacker to execute arbitrary code via the Subject and Identifier fields...

0.00448EPSS
Exploits1References2
CVE
CVE
added 2024/11/01 12:0 a.m.59 views

CVE-2024-51377

CVE-2024-51377 affects Ladybird Web Solution Faveo Helpdesk & Servicedesk (On-Premise and Cloud) v9.2.0. The issue allows a remote attacker to execute arbitrary code via the Subject and Identifier fields. In the connected sources, the vulnerability is documented across multiple feeds (including R...

8.8CVSS8AI score0.00448EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2024/10/22 10:15 p.m.21 views

CVE-2024-46482

An arbitrary file upload vulnerability in the Ticket Generation function of Ladybird Web Solution Faveo-Helpdesk v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .html or .svg file...

8.2CVSS0.00348EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/22 12:0 a.m.12 views

CVE-2024-46482

An arbitrary file upload vulnerability in the Ticket Generation function of Ladybird Web Solution Faveo-Helpdesk v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .html or .svg file...

0.00348EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/22 12:0 a.m.10 views

CVE-2024-46482

An arbitrary file upload vulnerability in the Ticket Generation function of Ladybird Web Solution Faveo-Helpdesk v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .html or .svg file...

7.8AI score0.00348EPSS
Exploits0References1
Rows per page
Query Builder