CVE-2024-36461 Direct access to memory pointers within the JS engine for modification

Within Zabbix, users have the ability to directly modify memory pointers in the JavaScript engine...

PT-2024-6101 · Zabbix +4 · Zabbix +4

Name of the Vulnerable Software and Affected Versions: Zabbix versions 6.0.30 through 6.0.30, 6.4.15, and 7.0.0 Description: The issue is related to the ability to directly modify memory pointers in the JavaScript engine within Zabbix. This could allow a remote attacker to execute arbitrary code...

PT-2024-6342 · Google +5 · Google Chrome +6

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 128.0.6613.119 Description: The issue is related to an out of bounds write in the V8 JavaScript engine of Google Chrome and Microsoft Edge browsers. This can allow a remote attacker to potentially exploit heap...

DEBIAN-CVE-2024-7535

Inappropriate implementation in V8 in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2024-7530

Incorrect garbage collection interaction could have led to a use-after-free. This vulnerability affects Firefox 129...

CVE-2024-32671

CVE-2024-32671 affects Samsung Open Source Escargot, specifically the Escargot JavaScript engine version 4.0.0. The issue is a heap-based buffer overflow in the JS engine that can overflow buffers. Per NVD, the vulnerability carries a CVSSv3.1 base score of 9.8 (CRITICAL) with network attack vect...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created HTML page...

PT-2024-24756 · Samsung · Escargot

Name of the Vulnerable Software and Affected Versions: Escargot version 4.0.0 Description: A Heap-based Buffer Overflow issue in the Samsung Open Source Escargot JavaScript engine allows for buffer overflows. Recommendations: For Escargot version 4.0.0, at the moment, there is no information abou...

SUSE CVE-2024-6773

Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

DEBIAN-CVE-2024-6772

Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security vulnerability that stems from a mal-implementation issue found in the V8 module. No details of the vulnerability are provided at this time...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security vulnerability that stems from a mal-implementation issue found in the V8 module. No details of the vulnerability are provided at this time...

CVE-2024-6614

The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces. This vulnerability affects Firefox 128 and Thunderbird 128...

CVE-2024-6602

A mismatch between allocator and deallocator could have led to memory corruption. This vulnerability affects Firefox 128, Firefox ESR 115.13, Thunderbird 115.13, and Thunderbird 128...

CVE-2024-6601

A race condition could lead to a cross-origin container obtaining permissions of the top-level origin. This vulnerability affects Firefox 128, Firefox ESR 115.13, Thunderbird 115.13, and Thunderbird 128...

PT-2024-6386 · Google +4 · Google Chrome +5

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 128.0.6613.113 Description: The issue is related to a type confusion in the V8 JavaScript engine, allowing a remote attacker to potentially exploit heap corruption via a crafted HTML page. This could impact the...

USN-6862-1 firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2024-5689, CVE-2024-5690,...

Ubuntu 20.04 LTS : Firefox vulnerabilities (USN-6862-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6862-1 advisory. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially explo...

SUSE CVE-2024-6100

Type Confusion in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

SUSE CVE-2024-5694

An attacker could have caused a use-after-free in the JavaScript engine to read memory in the JavaScript string section of the heap. This vulnerability affects Firefox 127...