4444 matches found
ALSA-2024:6681 Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: 115.15/128.2 ESR mozilla: Type confusion when looking up a property name in a "with" block CVE-2024-8381 mozilla: Internal event interfaces were exposed to web...
The vulnerability of the universal monitoring system Zabbix, related to the replacement of an unreliable indicator, allows a intruder to execute arbitrary code.
The vulnerability of the Zabbix universal monitoring system lies in the ability to directly modify memory pointers in the JavaScript engine. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
SUSE CVE-2024-8638
Type Confusion in V8 in Google Chrome prior to 128.0.6613.137 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Chromium security severity: High...
DEBIAN-CVE-2024-8638
Type Confusion in V8 in Google Chrome prior to 128.0.6613.137 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Chromium security severity: High...
CVE-2024-40754
Heap-based Buffer Overflow vulnerability in Samsung Open Source Escargot JavaScript engine allows Overflow Buffers.This issue affects Escargot: 4.0.0...
CVE-2024-40754
Heap-based Buffer Overflow vulnerability in Samsung Open Source Escargot JavaScript engine allows Overflow Buffers.This issue affects Escargot: 4.0.0...
SAMSUNG Escargot 安全漏洞
SAMSUNG Escargot is a memory-optimized JavaScript engine from Samsung South Korea for mid-range devices such as cell phones, tablets and TVs. A security vulnerability exists in SAMSUNG Escargot version 4.0.0, which stems from a heap-based buffer overflow vulnerability in the engine that allows fo...
Google Chrome 安全漏洞
Google Chrome is a web browser from Google, an American company. A code execution vulnerability exists in versions of Google Chrome prior to 128.0.6613.138, which is due to type obfuscation in V8. An attacker can exploit this vulnerability to execute arbitrary code on the system...
PT-2024-29028 · Samsung · Escargot
Name of the Vulnerable Software and Affected Versions: Escargot version 4.0.0 Description: The issue is a Heap-based Buffer Overflow vulnerability in the Samsung Open Source Escargot JavaScript engine, which allows overflow buffers to occur. This can potentially lead to security issues...
ROS-20240910-06
A vulnerability in the Zabbix universal monitoring system is related to improper code generation controls. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code Zabbix universal monitoring system vulnerability is related to the ability to directly...
SUSE CVE-2021-21156
Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted script...
PT-2024-6735 · Google +4 · V8 Javascript Engine +5
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 129.0.6668.58 Microsoft Edge versions affected versions not specified Description: The issue is related to a type confusion error in the V8 JavaScript engine, which can be exploited by a remote attacker using a...
CVE-2024-7652
An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash. This vulnerability affects Firefox 128, Firefox ESR 115.13, Thunderbird 115.13, and Thunderbird 128...
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to type mixing errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially crafted HTML page from a remote location...
DEBIAN-CVE-2024-7970
Out of bounds write in V8 in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2024-8383
Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating systems don't have a trusted newsreader...
CVE-2024-8381
A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment. This vulnerability affects Firefox 130, Firefox ESR 128.2, Firefox ESR 115.15, Thunderbird 128.2, and Thunderbird 115.15...
CVE-2024-8386
If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. This vulnerability affects Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2...
CVE-2024-8389
Memory safety bugs present in Firefox 129. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 130...
Google Chrome 安全漏洞
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from an out-of-bounds write vulnerability that stems from an out-of-bounds issue with the V8 component. An attacker can exploit this vulnerability to execute arbitrary code on the system...