4334 matches found
Chrome V8 JavaScript Engine Remote Code Execution
/ BSD 2-Clause License Copyright c 2021, rajvardhan agarwal All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice,...
DEBIAN-CVE-2021-21195
Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Google Chrome 资源管理错误漏洞
Chrome is a simple and efficiently designed web browsing tool developed by Google. A post-release reuse vulnerability exists in V8 in versions prior to Google Chrome 89.0.4389.114. A programmed attacker can exploit this vulnerability to cause heap damage via a crafted HTML page...
Node.js: Unexpected input validation of octal literals in nodejs v15.12.0 and below returns defined values for all undefined octal literals.
Summary: Unexpected input validation of octal literals in the nodejs implementation of V8 JavaScript engine V8 9.0.257.13 and below returns defined values for all undefined octal literals where otherwise should return undefined. Input data 08, 09... 078, 079 should return undefined, as evinced by...
JerryScript suffers from a denial of service vulnerability (CNVD-2021-25996)
JerryScript is a lightweight JavaScript engine . A denial of service vulnerability exists in JerryScript, which can be exploited by an attacker to cause a denial of service...
JerryScript suffers from a denial of service vulnerability (CNVD-2021-25997)
JerryScript is a lightweight JavaScript engine . A denial of service vulnerability exists in JerryScript, which can be exploited by an attacker to cause a denial of service...
JerryScript suffers from a denial of service vulnerability (CNVD-2021-25990)
JerryScript is a lightweight JavaScript engine . A denial of service vulnerability exists in JerryScript, which can be exploited by an attacker to cause a denial of service...
JerryScript has a binary vulnerability (CNVD-2021-25983)
JerryScript is a lightweight JavaScript engine . A binary vulnerability exists in JerryScript, which can be exploited by attackers to cause a denial of service...
JerryScript suffers from a denial of service vulnerability (CNVD-2021-26018)
JerryScript is a lightweight JavaScript engine . A denial of service vulnerability exists in JerryScript, which can be exploited by an attacker to cause a denial of service...
JerryScript suffers from a denial of service vulnerability (CNVD-2021-25995)
JerryScript is a lightweight JavaScript engine . A denial of service vulnerability exists in JerryScript, which can be exploited by an attacker to cause a denial of service...
JerryScript suffers from a denial of service vulnerability (CNVD-2021-25986)
JerryScript is a lightweight JavaScript engine . A denial of service vulnerability exists in JerryScript, which can be exploited by an attacker to cause a denial of service...
JerryScript suffers from a denial of service vulnerability (CNVD-2021-25987)
JerryScript is a lightweight JavaScript engine . A denial of service vulnerability exists in JerryScript, which can be exploited by an attacker to cause a denial of service...
CVE-2021-23987
Mozilla developers and community members reported memory safety bugs present in Firefox 86 and Firefox ESR 78.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects...
CVE-2021-23983
By causing a transition on a parent node by removing a CSS rule, an invalid property for a marker could have been applied, resulting in memory corruption and a potentially exploitable crash. This vulnerability affects Firefox 87...
CVE-2021-23982
Using techniques that built on the slipstream research, a malicious webpage could have scanned both an internal network's hosts as well as services running on the user's local machine utilizing WebRTC connections. This vulnerability affects Firefox ESR 78.9, Firefox 87, and Thunderbird 78.9...
UBUNTU-CVE-2021-21169
Out of bounds memory access in V8 in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page...
CVE-2021-23977
Firefox for Android suffered from a time-of-check-time-of-use vulnerability that allowed a malicious application to read sensitive data from application directories. Note: This issue is only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox 8...
CVE-2021-23959
An XSS bug in internal error pages could have led to various spoofing attacks, including other error pages and the address bar. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox 85...
CVE-2021-23970
Context-specific code was included in a shared jump table; resulting in assertions being triggered in multithreaded wasm code. This vulnerability affects Firefox 86...
CVE-2021-23974
The DOMParser API did not properly process '' elements for escaping. This could be used as an mXSS vector to bypass an HTML Sanitizer. This vulnerability affects Firefox 86...