CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

242 matches found

AlmaLinux•added 2024/09/16 12:0 a.m.•16 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: 115.15/128.2 mozilla: Type confusion when looking up a property name in a "with" block CVE-2024-8381 mozilla: Internal event interfaces were exposed to web content when browser EventHandler listener...

9.8CVSS7.8AI score0.04395EPSS

Exploits1References18

SUSE CVE•added 2024/09/11 3:15 a.m.•1 views

SUSE CVE-2024-7652

An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash. This vulnerability affects Firefox 128, Firefox ESR 115.13, Thunderbird 115.13, and Thunderbird 128...

8.6CVSS8.9AI score0.00656EPSS

Exploits0References7

SUSE CVE•added 2024/09/11 2:54 a.m.•3 views

SUSE CVE-2024-43357

ECMA-262 is the language specification for the scripting language ECMAScript. A problem in the ECMAScript JavaScript specification of async generators, introduced by a May 2021 spec refactor, may lead to mis-implementation in a way that could present as a security vulnerability, such as type...

8.6CVSS8.8AI score0.00601EPSS

Exploits0References3

Tenable Nessus•added 2024/09/08 12:0 a.m.•15 views

FreeBSD : firefox -- Potential memory corruption and exploitable crash (7ade3c38-6d1f-11ef-ae11-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7ade3c38-6d1f-11ef-ae11-b42e991fc52e advisory. [email protected] reports: An error in the ECMA-262 specification relating to Async Generators could...

7.5CVSS8.2AI score0.00656EPSS

Exploits0References3

RedhatCVE•added 2024/09/06 9:41 p.m.•21 views

CVE-2024-7652

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash. Mitigation Mitigati...

8.6CVSS8.4AI score0.00656EPSS

Exploits0References9

NVD•added 2024/09/06 7:15 p.m.•17 views

CVE-2024-7652

7.5CVSS0.00656EPSS

Exploits0References6

OSV•added 2024/09/06 7:15 p.m.•21 views

CVE-2024-7652

7.5CVSS6.2AI score

Exploits0References6

OSV•added 2024/09/06 7:15 p.m.•1 views

DEBIAN-CVE-2024-7652

7.5CVSS8.5AI score0.00656EPSS

Exploits0References1

OSV•added 2024/09/06 7:15 p.m.•0 views

UBUNTU-CVE-2024-7652

7.5CVSS7.3AI score0.00656EPSS

Exploits0References10

Cvelist•added 2024/09/06 6:18 p.m.•19 views

CVE-2024-7652 Type Confusion in Async Generators in Javascript Engine

0.00656EPSS

Exploits0References6

Vulnrichment•added 2024/09/06 6:18 p.m.•31 views

CVE-2024-7652 Type Confusion in Async Generators in Javascript Engine

7.8AI score0.00656EPSS

Exploits0References6

CVE•added 2024/09/06 6:18 p.m.•155 views

CVE-2024-7652

CVE-2024-7652 involves a type confusion in the ECMA-262 Async Generators path that could lead to memory corruption and an exploitable crash. Affected products include Firefox and Thunderbird releases prior to 128 (Firefox <128, ESR <115.13; Thunderbird <115.13 and

7.5CVSS6.4AI score0.00656EPSS

Exploits0References6Affected Software2

FreeBSD•added 2024/09/06 12:0 a.m.•23 views

firefox -- Potential memory corruption and exploitable crash

[email protected] reports: An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash...

7.5CVSS7AI score0.00656EPSS

Exploits0References1

Wired Threat Level•added 2024/08/29 10:0 a.m.•78 views

Harmful 'Nudify' Websites Used Google, Apple, and Discord Sign-On Systems

Single sign-on systems from several Big Tech companies are being incorporated into deepfake generators, WIRED found. Discord and Apple have started to terminate some developers’ accounts...

6.9AI score

Exploits0

NVD•added 2024/08/15 7:15 p.m.•36 views

CVE-2024-43357

8.6CVSS0.00601EPSS

Exploits0References10

CVE•added 2024/08/15 6:36 p.m.•70 views

CVE-2024-43357

CVE-2024-43357 describes a bug in the ECMA-262 Async Generators: IteratorResult objects can be made then-able, allowing re-entry into the async generator machinery and violating internal invariants. The root cause is a May 2021 spec refactor that leaves IteratorResult objects inheriting from Obje...

8.6CVSS8.4AI score0.00601EPSS

Exploits0References10

Vulnrichment•added 2024/08/15 6:36 p.m.•33 views

CVE-2024-43357 JavaScript specification issue may lead to type confusion and pointer dereference in implementations

8.6CVSS8.4AI score0.00601EPSS

Exploits0References10

Cvelist•added 2024/08/15 6:36 p.m.•40 views

CVE-2024-43357 JavaScript specification issue may lead to type confusion and pointer dereference in implementations

8.6CVSS0.00601EPSS

Exploits0References10

OSV•added 2024/08/15 6:36 p.m.•10 views

CVE-2024-43357 JavaScript specification issue may lead to type confusion and pointer dereference in implementations

8.6CVSS8.3AI score0.00656EPSS

Exploits0References12

Positive Technologies•added 2024/08/14 12:0 a.m.•2 views

PT-2024-30525 · Unknown · Ecmascript

Name of the Vulnerable Software and Affected Versions: ECMAScript affected versions not specified Description: A problem in the ECMAScript specification of async generators may lead to mis-implementation in a way that could present as a security issue, such as type confusion and pointer...

8.6CVSS9.6AI score0.00656EPSS

Exploits0References20

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by