242 matches found
UBUNTU-CVE-2025-8033
The JavaScript engine did not handle closed generators correctly and it was possible to resume them leading to a nullptr deref. This vulnerability was fixed in Firefox 141, Firefox ESR 115.26, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1...
CVE-2025-8033
The JavaScript engine did not handle closed generators correctly and it was possible to resume them leading to a nullptr deref. This vulnerability was fixed in Firefox 141, Firefox ESR 115.26, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1...
CVE-2025-8033 Incorrect JavaScript state machine for generators
The JavaScript engine did not handle closed generators correctly and it was possible to resume them leading to a nullptr deref. This vulnerability was fixed in Firefox 141, Firefox ESR 115.26, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1...
Mozilla -- nullptr dereference
[email protected] reports: The JavaScript engine did not handle closed generators correctly and it was possible to resume them leading to a nullptr deref...
CVE-2005-3087
The SecureW2 3.0 TLS implementation uses weak random number generators rand and srand from system time during generation of the pre-master secret PMS, which makes it easier for attackers to guess the secret and decrypt sensitive data...
python-rpm-generators bug fix and enhancement update
An update is available for python-rpm-generators. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...
The Hardness of Learning Quantum Circuits and Its Cryptographic Applications
We show that concrete hardness assumptions about learning or cloning the output state of a random quantum circuit can be used as the foundation for secure quantum cryptography. In particular, under these assumptions we construct secure one-way state generators OWSGs, digital signature schemes,...
Astra Linux – Vulnerability in Firefox, Thunderbird
An error in the ECMA-262 specification related to Async Generators could lead to a type confusion, potentially causing memory corruption and an exploitable crash. This vulnerability affects Firefox 128, Firefox ESR 115.13, Thunderbird 115.13, and Thunderbird 128...
CVE-2024-43357
ECMA-262 is the language specification for the scripting language ECMAScript. A problem in the ECMAScript JavaScript specification of async generators, introduced by a May 2021 spec refactor, may lead to mis-implementation in a way that could present as a security vulnerability, such as type...
[SECURITY] Fedora 41 Update: golang-github-aws-smithy-1.22.1-1.fc41
Smithy code generators for Go in development...
SUSE CVE-2024-46850
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid race between dcn35setdrr and dcstatedestruct dcstatedestruct nulls the resource context of the DC state. The pipe context passed to dcn35setdrr is a member of this resource context. If dcstatedestruct is...
SUSE CVE-2024-46851
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid race between dcn10setdrr and dcstatedestruct dcstatedestruct nulls the resource context of the DC state. The pipe context passed to dcn10setdrr is a member of this resource context. If dcstatedestruct is...
UBUNTU-CVE-2024-46850
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid race between dcn35setdrr and dcstatedestruct dcstatedestruct nulls the resource context of the DC state. The pipe context passed to dcn35setdrr is a member of this resource context. If dcstatedestruct is...
UBUNTU-CVE-2024-46851
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid race between dcn10setdrr and dcstatedestruct dcstatedestruct nulls the resource context of the DC state. The pipe context passed to dcn10setdrr is a member of this resource context. If dcstatedestruct is...
mozilla: Type Confusion in Async Generators in Javascript Engine
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash...
mozilla: Type Confusion in Async Generators in Javascript Engine
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash...
mozilla: Type Confusion in Async Generators in Javascript Engine
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash...
mozilla: Type Confusion in Async Generators in Javascript Engine
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash...
mozilla: Type Confusion in Async Generators in Javascript Engine
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash...
mozilla: Type Confusion in Async Generators in Javascript Engine
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash...