Mozilla -- JIT miscompilation

https://bugzilla.mozilla.org/showbug.cgi?id=1998050 reports: JIT miscompilation in the JavaScript Engine: JIT component...

KLA90817 Multiple vulnerabilities in Mozilla Thunderbird ESR

Multiple vulnerabilities were found in Mozilla Thunderbird ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, gain privileges, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Use-after-free vulnerability in the...

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox versions prior to 146 and ESR 140.6, which stems from a compilation error in the JavaScript Engine JIT component that could lead to code execution...

Mozilla Firefox和Mozilla Firefox ESR 安全漏洞

Mozilla Firefox and Mozilla Firefox ESR are both products of the Mozilla Foundation, U.S.A. Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser. A security vulnerability exists in Mozilla Firefox versions prior to 146, Firefox ES...

KLA90807 Multiple vulnerabilities in Mozilla Firefox ESR

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Incorrect boundary conditions vulnerability in the Graphics...

Linux Distros Unpatched Vulnerability : CVE-2025-14325

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird...

Linux Distros Unpatched Vulnerability : CVE-2025-14324

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146,...

Mozilla -- JIT miscompilation in the JavaScript Engine: JIT component

https://bugzilla.mozilla.org/showbug.cgi?id=1997503 reports: JIT miscompilation in the JavaScript Engine: JIT component...

CVE-2025-13630

Type Confusion in V8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

Google Chrome Competitive Conditions Vulnerability

Google Chrome is a web browser developed by Google Inc. to provide users with a fast, secure and customizable web browsing experience. Google Chrome suffers from a competitive condition vulnerability that stems from the presence of a competitive condition in v8, which can be exploited by an...

openSUSE 16 Security Update : mozjs128 (openSUSE-SU-2025-20135-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025-20135-1 advisory. - Update to version 128.14.0 bsc1248162: - CVE-2025-9179: Sandbox escape due to invalid pointer in the Audio/Video: GMP component - CVE-2025-918...

Security update for mozjs128 (important)

openSUSE security update: security update for mozjs128 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2025-20135-1 Rating: important References: bsc1248162 Cross-References: CVE-2025-5263 CVE-2025-5264 CVE-2025-5265 CVE-2025-5266 CVE-2025-5267...

OPENSUSE-SU-2025-20135-1 Security update for mozjs128

This update for mozjs128 fixes the following issues: - Update to version 128.14.0 bsc1248162: + CVE-2025-9179: Sandbox escape due to invalid pointer in the Audio/Video: GMP component + CVE-2025-9180: Same-origin policy bypass in the Graphics: Canvas2D component + CVE-2025-9181: Uninitialized memo...

SUSE-SU-2025:21170-1 Security update for mozjs128

This update for mozjs128 fixes the following issues: - Update to version 128.14.0 bsc1248162: + CVE-2025-9179: Sandbox escape due to invalid pointer in the Audio/Video: GMP component + CVE-2025-9180: Same-origin policy bypass in the Graphics: Canvas2D component + CVE-2025-9181: Uninitialized memo...

AZL-71503 CVE-2025-66453 affecting package rhino 1.7.7.1-2

Rhino is an open-source implementation of JavaScript written entirely in Java. Prior to 1.8.1, 1.7.15.1, and 1.7.14.1, when an application passed an attacker controlled float poing number into the toFixed function, it might lead to high CPU consumption and a potential Denial of Service. Small...

CVE-2025-66453

Rhino is an open-source implementation of JavaScript written entirely in Java. Prior to 1.8.1, 1.7.15.1, and 1.7.14.1, when an application passed an attacker controlled float poing number into the toFixed function, it might lead to high CPU consumption and a potential Denial of Service. Small...

PT-2025-54573

Name of the Vulnerable Software and Affected Versions Google Chrome affected versions not specified Description A flaw exists in the JavaScript engine V8 used by the Google Chrome browser. This issue relates to incorrect security checks during the processing of standard elements. Successful...

EUVD-2025-200309

Type Confusion in V8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

EUVD-2025-200303

Race in v8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

CVE-2025-13721

Race in v8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...