Google Chrome < 64.0.3282.167 Vulnerability

The version of Google Chrome installed on the remote Windows host is prior to 64.0.3282.167. It is, therefore, affected by a vulnerability as referenced in the 201802stable-channel-update-for-desktop13 advisory. - Type confusion could lead to a heap out-of-bounds write in V8 in Google Chrome prio...

Google Chrome < 64.0.3282.167 Vulnerability

The version of Google Chrome installed on the remote macOS host is prior to 64.0.3282.167. It is, therefore, affected by a vulnerability as referenced in the 201802stable-channel-update-for-desktop13 advisory. - Type confusion could lead to a heap out-of-bounds write in V8 in Google Chrome prior ...

JavaScript Engine Heap Overflow Vulnerability in Multiple Adobe Products

Acrobat DC Continuous Track and so on are the products of the United States Ordoby Adobe.Acrobat DC Continuous Track is a desktop version of the PDF solution of the continuous update version.Reader DC Continuous Track is a PDF reading tool of the continuous update version! JavaScript engine is on...

Google Chrome < 64.0.3282.140 Vulnerability

The version of Google Chrome installed on the remote macOS host is prior to 64.0.3282.140. It is, therefore, affected by a vulnerability as referenced in the 201802stable-channel-update-for-desktop advisory. Note that Nessus has not tested for this issue but has instead relied only on the...

Google Chrome < 64.0.3282.140 Vulnerability

The version of Google Chrome installed on the remote Windows host is prior to 64.0.3282.140. It is, therefore, affected by a vulnerability as referenced in the 201802stable-channel-update-for-desktop advisory. Note that Nessus has not tested for this issue but has instead relied only on the...

CVE-2017-5132

Inappropriate implementation in V8 in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka incorrect WebAssembly stack manipulation...

CVE-2017-15392

Insufficient data validation in V8 in Google Chrome prior to 62.0.3202.62 allowed an attacker who can write to the Windows Registry to potentially exploit heap corruption via a crafted Windows Registry entry, related to PlatformIntegration...

chromium-browser: integer underflow in webassembly

Insufficient data validation in V8 in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user data via a crafted HTML page...

Important: Red Hat Security Advisory: chromium-browser security update

An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

CVE-2018-5093

A heap buffer overflow vulnerability may occur in WebAssembly during Memory/Table resizing, resulting in a potentially exploitable crash. This vulnerability affects Firefox 58...

Google Chrome V8 Engine and Digia Qt QtWebEngineCore Denial of Service Vulnerability

Google Chrome is a web browser developed by Google Google.V8 is a set of open source JavaScript engine.Digia Qt is a cross-platform C++ application development framework from Digia Finland. The framework can be used to develop GUI programs. QtWebEngineCore is one of the Web engine core. A denial ...

Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CNVD-2018-00528)

Microsoft Windows 10 and Windows Server 2016 are both products of Microsoft Corporation USA. The former is an operating system for personal computers and the latter is a server operating system.Edge is one of the default browsers that comes with the system.scripting engine is one of the JavaScrip...

Microsoft Edge Scripting Engine Information Disclosure Vulnerability (CNVD-2018-00530)

Microsoft Windows 10 and Windows Server 2016 are both products of Microsoft Corporation USA. The former is an operating system for personal computers and the latter is a server operating system.Edge is one of the default browsers that comes with the system.scripting engine is one of the JavaScrip...

Microsoft Edge Scripting Engine Memory Corruption (CVE-2018-0777)

A remote code execution vulnerability has been reported in Microsoft Edge. The vulnerability is due to an Out-of-Bounds write in the JavaScript engine. A remote attacker can exploit this issue by enticing a victim to open a specially crafted web page that could cause memory corruption in a way th...

Microsoft Browser Scripting Engine Memory Corruption (CVE-2018-0762)

A Type Confusion vulnerability exists in Microsoft Browsers. The vulnerability is due to the way JavaScript engine renders when handling objects in memory. Successful exploitation of this vulnerability can achieve Remote Code Execution...

Speculative execution side-channel attack ("Spectre") — Mozilla

Jann Horn of Google Project Zero Security reported that speculative execution performed by modern CPUs could leak information through a timing side-channel attack. Microsoft Vulnerability Research extended this attack to browser JavaScript engines and demonstrated that code on a malicious web pag...

mozilla -- Speculative execution side-channel attack

Mozilla Foundation reports: Jann Horn of Google Project Zero Security reported that speculative execution performed by modern CPUs could leak information through a timing side-channel attack. Microsoft Vulnerability Research extended this attack to browser JavaScript engines and demonstrated that...

GHSA-VX5C-87QX-CV6C Arbitrary Code Execution in mathjs

math.js before 3.17.0 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result arbitrary execution. Recommendation Update to version 3.17.0 or later...

Arbitrary Code Execution in mathjs

math.js before 3.17.0 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result arbitrary execution. Recommendation Update to version 3.17.0 or later...

Microsoft Edge Scripting Engine Memory Corruption (CVE-2017-11889)

A Memory Corruption Vulnerability exists in Microsoft Edge. The vulnerability is due to the way JavaScript engine renders when handling objects in memory. A remote unauthenticated attacker could exploit this vulnerability by enticing the target user to open a specially crafted web page...