4441 matches found
CVE-2023-5727
The executable file warning was not presented when downloading .msix, .msixbundle, .appx, and .appxbundle files, which can run commands on a user's computer. Note: This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox 119,...
CVE-2023-5730
Memory safety bugs present in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 119, Firefox ESR...
Mozilla Firefox Security Advisory (MFSA2023-45) - Linux
The remote host is missing an update for Mozilla Firefox, announced via the advisory MFSA2023-45. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...
CVE-2023-32724 JavaScript engine memory pointers are directly available for Zabbix users for modification
Memory pointer is in a property of the Ducktape object. This leads to multiple vulnerabilities related to direct memory access and manipulation...
CVE-2023-32724 JavaScript engine memory pointers are directly available for Zabbix users for modification
Memory pointer is in a property of the Ducktape object. This leads to multiple vulnerabilities related to direct memory access and manipulation...
USN-6426-1 webkit2gtk vulnerabilities
Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...
Foxit Reader < 9.1 Multiple Vulnerabilities
According to its version, the Foxit Reader application installed on the remote Windows host is prior to 9.1. It is, therefore affected by multiple vulnerabilities: - In Foxit Reader before 9.1 and Foxit PhantomPDF before 9.1, a flaw exists within the parsing of the BITMAPINFOHEADER record in BMP...
Type Confusion
chromium is vulnerable to Type Confusion. This vulnerability could allow an attacker to execute arbitrary code on a victim's computer by exploiting a flaw in the V8 JavaScript engine. The impact of this vulnerability is high, as it can be exploited by attackers to steal sensitive data, take contr...
CVE-2023-5170
In canvas rendering, a compromised content process could have caused a surface to change unexpectedly, leading to a memory leak of a privileged process. This memory leak could be used to effect a sandbox escape if the correct data was leaked. This vulnerability affects Firefox 118...
Foxit PDF Editor < 11.2.7 Multiple Vulnerabilities
According to its version, the Foxit PDF Editor application previously named Foxit PhantomPDF installed on the remote Windows host is prior to 11.2.7. It is, therefore affected by multiple vulnerabilities: - A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF...
Foxit PDF Editor for Mac < 11.1.5 Multiple Vulnerabilities
According to its version, the Foxit PDF Editor for Mac application previously named Foxit PhantomPDF for Mac installed on the remote macOS host is prior to 11.1.5. It is, therefore affected by multiple vulnerabilities: - A use-after-free vulnerability exists in the JavaScript engine of Foxit...
DEBIAN-CVE-2023-4762
Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...
CVE-2023-4577
When UpdateRegExpStatics attempted to access initialStringHeap it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash. This vulnerability affects Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2...
CVE-2023-4573
When receiving rendering data over IPC mStream could have been destroyed when initialized, which could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2...
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of Google Chrome’s V8 JavaScript engine lies in the execution of operations beyond the buffer limits in memory. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information...
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to access to resources through incompatible types. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created HTML page...
PT-2023-4504 · Google +2 · Google Chrome +3
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 116.0.5845.110 Description: The issue is related to an out of bounds memory access in V8, allowing a remote attacker to perform an out of bounds memory read via a crafted HTML page. This can potentially impact...
Google Chrome 缓冲区错误漏洞
Google Chrome is a web browser from Google, Inc. and V8 is an open source JavaScript engine. A security vulnerability previously existed in Google Chrome version 116.0.5845.110, which stemmed from an out-of-bounds read issue in the V8 module...
SUSE CVE-2023-4355
Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
DEBIAN-CVE-2023-4352
Type confusion in V8 in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...