Lucene search
K

4514 matches found

Cvelist
Cvelist
added 2025/06/11 12:7 p.m.11 views

CVE-2025-49710 Integer overflow in OrderedHashTable

An integer overflow was present in OrderedHashTable used by the JavaScript engine. This vulnerability was fixed in Firefox 139.0.4...

0.00651EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2025/06/11 12:7 p.m.5 views

CVE-2025-49710

An integer overflow was present in OrderedHashTable used by the JavaScript engine. This vulnerability was fixed in Firefox 139.0.4...

9.8CVSS8.5AI score0.00651EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/06/11 5:29 a.m.7 views

CVE-2025-5959

A flaw was found in chromium. A type confusion vulnerability exists within the V8 JavaScript engine, allowing a remote attacker to trigger arbitrary code execution within the browser's sandbox through a specially crafted HTML page. This issue occurs due to improper type handling during object...

8.8CVSS8.6AI score0.10666EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/06/11 12:0 a.m.3 views

Mozilla Firefox 输入验证错误漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. An input validation error vulnerability exists in Mozilla Firefox versions prior to 139.0.4, which stems from an integer overflow in OrderedHashTable in the JavaScript engine...

9.8CVSS8.9AI score0.00651EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2025/06/11 12:0 a.m.6 views

Firefox -- Multiple vulnerabilities

[email protected] reports: CVE-2025-49709: Certain canvas operations could have lead to memory corruption. CVE-2025-49710: An integer overflow was present in OrderedHashTable used by the JavaScript engine...

9.8CVSS7.4AI score0.00651EPSS
Exploits0References2
Mozilla
Mozilla
added 2025/06/10 12:0 a.m.20 views

Security Vulnerabilities fixed in Firefox 139.0.4 — Mozilla

Certain canvas operations could have lead to memory corruption. An integer overflow was present in OrderedHashTable used by the JavaScript engine...

9.8CVSS6.9AI score0.00651EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/06/10 12:0 a.m.4 views

PT-2025-25207

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 139.0.4 Description An integer overflow occurred in the OrderedHashTable used by the JavaScript engine. Recommendations For versions prior to 139.0.4, update to version 139.0.4 or later to resolve the issue...

9.8CVSS8.2AI score0.09348EPSS
Exploits3References301
BDU FSTEC
BDU FSTEC
added 2025/06/09 12:0 a.m.6 views

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code or cause service interruptions.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure...

10CVSS8.5AI score0.00363EPSS
Exploits0References11Affected Software5
SUSE CVE
SUSE CVE
added 2025/06/04 3:1 a.m.2 views

SUSE CVE-2025-5419

Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.1AI score0.06463EPSS
Exploits3References3
CNNVD
CNNVD
added 2025/06/02 12:0 a.m.2 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Google Chrome suffers from an out-of-bounds read/write vulnerability that stems from an out-of-bounds read/write issue in the V8 engine, which can be exploited by an attacker to trigger the vulnerability via a malicious web page, bypassing t...

8.8CVSS9.1AI score0.06463EPSS
Exploits3References4
ATTACKERKB
ATTACKERKB
added 2025/05/27 9:15 p.m.2 views

CVE-2025-5280

Out of bounds write in V8 in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.8AI score0.02249EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2025/05/27 12:0 a.m.6 views

CVE-2025-5271

Previewing a response in Devtools ignored CSP headers, which could have allowed content injection attacks. This vulnerability was fixed in Firefox 139 and Thunderbird 139...

6.5CVSS6.1AI score0.00247EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/05/27 12:0 a.m.8 views

CVE-2025-5270

In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability was fixed in Firefox 139 and Thunderbird 139...

7.5CVSS6.4AI score0.00234EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/05/27 12:0 a.m.11 views

CVE-2025-5264

Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability was fixed in Firefox 139, Firefox ESR 115.24, Firefox ESR 128.11,...

4.8CVSS7AI score0.00135EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2025/05/27 12:0 a.m.9 views

CVE-2025-5268

Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in...

8.1CVSS7AI score0.00398EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/05/23 10:15 a.m.6 views

CVE-2024-3862

The MarkStack assignment operator, part of the JavaScript engine, could access uninitialized memory if it were used in a self-assignment. This vulnerability affects Firefox 125...

5.3CVSS6.1AI score0.00365EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 2:27 a.m.3 views

CVE-2023-27379

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.2.15332. By prematurely deleting objects associated with pages, a specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution...

8.8CVSS7.7AI score0.01026EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:7 p.m.5 views

CVE-2021-33441

An issue was discovered in mjs mJS: Restricted JavaScript engine, ES6 JavaScript version 6. There is NULL pointer dereference in execexpr in mjs.c...

5.5CVSS6.9AI score0.00302EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:48 p.m.6 views

CVE-2021-33445

An issue was discovered in mjs mJS: Restricted JavaScript engine, ES6 JavaScript version 6. There is NULL pointer dereference in mjsstringcharcodeat in mjs.c...

5.5CVSS6.9AI score0.00307EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:12 p.m.7 views

CVE-2021-21870

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.4.37651. A specially crafted PDF document can trigger the reuse of previously free memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening a...

8.8CVSS7.4AI score0.019EPSS
Exploits1References1
Rows per page
Query Builder