Google Chrome V8 Denial of Service Vulnerability (CNVD-2016-00713)

Google Chrome is a web browser. Google V8 is one of the open source JavaScript engines. The 'LoadIC::UpdateCaches' function in the ic/ic.cc file of Google V8 used by Google Chrome fails to check for receiver compatibility before executing the variable, allowing remote attackers to exploit the...

CVE-2016-2051

Multiple unspecified vulnerabilities in Google V8 before 4.8.271.17, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via unknown vectors...

Microsoft Edge Arbitrary Code Execution Vulnerability

Microsoft Edge is a web browser developed by Microsoft USA and is the default browser that comes with the Windows 10 operating system. A security vulnerability in Microsoft Edge's Chakra JavaScript engine allows a remote attacker to build special WEB pages that can be tricked into parsing by user...

CVE-2016-0002

The Microsoft 1 VBScript 5.7 and 5.8 and 2 JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."...

CVE-2016-0024

CVE-2016-0024 concerns the Chakra JavaScript engine in Microsoft Edge. The connected advisories consistently describe a remote code execution vulnerability in Chakra/Edge via unspecified vectors (memory corruption). Public sources reference MS16-002 and a cumulative security update (MS16-002/3124...

Microsoft Edge Multiple Vulnerabilities (3124904)

This host is missing a critical security update according to Microsoft Bulletin MS16-002. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Google Chrome Denial of Service Vulnerability (CNVD-2015-08299)

Google Chrome is a web browser developed by Google Inc. A security vulnerability exists in Google Chrome versions prior to 47.0.2526.73 and Google V8 versions prior to 4.7.80.23, which can be exploited by attackers to cause a denial of service...

KLA10723 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR

Multiple serious vulnerabilities have been found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service, bypass security restrictions, gain privileges, execute arbitrary code or obtain sensitive information. Below is a complete list ...

v8: multiple vulnerabilities fixed in 4.7.80.23

Multiple unspecified vulnerabilities in Google V8 before 4.7.80.23, as used in Google Chrome before 47.0.2526.80, allow attackers to cause a denial of service or possibly have other impact via unknown vectors, a different issue than CVE-2015-8478...

USN-2825-1 oxide-qt vulnerabilities

Multiple use-after-free bugs were discovered in the application cache implementation in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the...

Google Chrome V8 Denial of Service Vulnerability (CNVD-2015-07961)

Google Chrome is the United States Google Google company developed a Web browser. Google V8 is one of the open source JavaScript engine. A security vulnerability exists in the js/array.js file of Google V8 used in Google Chrome 47.0.2526.73, which stems from the program's failure to properly...

Google Chrome PDFium Denial of Service Vulnerability (CNVD-2015-07965)

Google Chrome is the United States Google Google company developed a Web browser. PDFium is one of the open source PDF rendering engine. Google Chrome 47.0.2526.73 previous versions of PDFium used in the fpdfsdk/src/jsapi/fxjsv8.cpp file has a security vulnerability, the vulnerability stems from...

Chakra JavaScript Engine: Microsoft Open-Sources the Heart of Edge browser

Microsoft has announced the plans to open source the core components of its "Chakra" – the JavaScript engine behind the new Edge browser – to GitHub code-sharing and collaboration repository next month. The company made this announcement at the JSConf US Last Call conference in Florida this...

UBUNTU-CVE-2015-6764

The BasicJsonStringifier::SerializeJSArray function in json-stringifier.h in the JSON stringifier in Google V8, as used in Google Chrome before 47.0.2526.73, improperly loads array elements, which allows remote attackers to cause a denial of service out-of-bounds memory access or possibly have...

UBUNTU-CVE-2015-6771

js/array.js in Google V8, as used in Google Chrome before 47.0.2526.73, improperly implements certain map and filter operations for arrays, which allows remote attackers to cause a denial of service out-of-bounds memory access or possibly have unspecified other impact via crafted JavaScript code...

UBUNTU-CVE-2015-8478

Multiple unspecified vulnerabilities in Google V8 before 4.7.80.23, as used in Google Chrome before 47.0.2526.73, allow attackers to cause a denial of service or possibly have other impact via unknown vectors...

Google Chrome (Andriod) Javascript Handling Arbitrary Code Execution Vulnerability

Google Chrome is a popular WEB browser. A security vulnerability in Google Chrome JavaScript v8 on Android allows remote attackers to exploit the vulnerability to build a malicious WEB page to trick users into parsing it, which can be used in the context of an application to execute arbitrary cod...

Google Chrome V8 Denial of Service Vulnerability (CNVD-2015-06766)

Google Chrome is an open source WEB browser. Google V8 has a security vulnerability that allows remote attackers to exploit the vulnerability to build malicious WEB pages, trick users into parsing them, crash applications, and more...

Google Chrome < 45.0.2454.101 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 45.0.2454.101. It is, therefore, affected by multiple vulnerabilities as referenced in the 201509stable-channel-update24 advisory. - object-observe.js in Google V8, as used in Google Chrome before 45.0.2454.101, does no...

chromium-browser: Cross-origin bypass in V8

object-observe.js in Google V8, as used in Google Chrome before 45.0.2454.101, does not properly restrict method calls on access-checked objects, which allows remote attackers to bypass the Same Origin Policy via a 1 observe or 2 getNotifier call...