GHSA-92J2-GG59-4572 ChakraCore RCE Vulnerability

The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, as demonstrated by the Chakra JavaScript engine, aka "Scripting Engine Memory Corruption...

ChakraCore RCE Vulnerability

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3389, CVE-2016-7190, and...

ChakraCore RCE Vulnerability

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Remote Code Execution Vulnerability."...

GHSA-VR4J-GJ8Q-M89V ChakraCore RCE Vulnerability

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Remote Code Execution Vulnerability."...

ChakraCore RCE Vulnerability

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3386, CVE-2016-3389, and...

GHSA-W4MJ-XWVW-382F ChakraCore RCE Vulnerability

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3386, CVE-2016-3389, and...

ChakraCore RCE Vulnerability

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3386, CVE-2016-3389, and...

GHSA-MMFQ-R3RG-8R7W ChakraCore RCE Vulnerability

The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," as demonstrated by the Chakra...

Cesanta MJS has an unspecified vulnerability (CNVD-2022-77022)

Cesanta MJS is an embedded JavaScript engine for C/C from Cesanta Ireland. It is designed for microcontrollers with limited resources. The main design goals are small footprint and simple C/C interoperability.Cesanta MJS has a security vulnerability that could be exploited by an attacker to cause...

KLA12530 Multiple vulnerabilities in Foxit Reader

Multiple vulnerabilities were found in Foxit Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability can be exploited remotely ...

CVE-2022-29912

Requests initiated through reader mode did not properly omit cookies with a SameSite attribute. This vulnerability affects Thunderbird 91.9, Firefox ESR 91.9, and Firefox 100...

GHSA-773H-W45W-F2F9 Denial of service vulnerability exists in libxmljs

libxmljs provides libxml bindings for v8 javascript engine. This affects all versions of package libxmljs. When invoking the libxmljs.parseXml function with a non-buffer argument the V8 code will attempt invoking the .toString method of the argument. If the argument's toString value is not a...

DEBIAN-CVE-2022-21227

The package sqlite3 before 5.0.3 are vulnerable to Denial of Service DoS which will invoke the toString function of the passed parameter. If passed an invalid Function object it will throw and crash the V8 engine...

UBUNTU-CVE-2022-21227

The package sqlite3 before 5.0.3 are vulnerable to Denial of Service DoS which will invoke the toString function of the passed parameter. If passed an invalid Function object it will throw and crash the V8 engine...

Google Releases Urgent Chrome Update to Patch Actively Exploited Zero-Day Flaw

Google on Thursday shipped emergency patches to address two security issues in its Chrome web browser, one of which it says is being actively exploited in the wild. Tracked as CVE-2022-1364, the tech giant described the high-severity bug as a case of type confusion in the V8 JavaScript engine...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to gain unauthorized access to protected information.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to type conversion errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created web page...

Google Chrome 安全特征问题漏洞

Google Chrome is a web browser from Google Inc. of the U.S. V8 is one of the open source JavaScript engines. Google Chrome suffers from a security feature issue vulnerability that stems from improper implementation in synthesis...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser from Google, Inc.V8 is an open source JavaScript engine. Google Chrome suffers from a resource management error vulnerability that stems from the presence of post-release reuse in software storage...

Google Chrome 安全特征问题漏洞

Google Chrome is a web browser from Google, Inc.V8 is an open source JavaScript engine. Google Chrome suffers from a security signature issue vulnerability that stems from improper full-screen execution of the software...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser from Google, Inc.V8 is an open source JavaScript engine. Google Chrome suffers from a resource management error vulnerability that stems from the presence of post-release reuse in BFCache...