Lucene search
K

4509 matches found

UbuntuCve
UbuntuCve
added 2025/03/04 2:15 p.m.10 views

CVE-2025-27425

Scanning certain QR codes that included text with a website URL could allow the URL to be opened without presenting the user with a confirmation alert first. This vulnerability was fixed in Firefox for iOS 136...

4.3CVSS5.8AI score0.00215EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/03/04 2:15 p.m.10 views

CVE-2025-1942

When String.toUpperCase caused a string to get longer it was possible for uninitialized memory to be incorporated into the result string. This vulnerability was fixed in Firefox 136 and Thunderbird 136...

9.8CVSS6.9AI score0.00446EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2025/03/04 2:15 p.m.13 views

CVE-2025-1943

Memory safety bugs present in Firefox 135 and Thunderbird 135. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 136 and Thunderbird 136...

8.2CVSS7.3AI score0.00404EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2025/03/04 2:15 p.m.6 views

CVE-2025-1938

Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firef...

6.5CVSS7.1AI score0.00312EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2025/03/04 2:15 p.m.7 views

CVE-2025-1940

A select option could partially obscure the confirmation prompt shown before launching external apps. This could be used to trick a user in to launching an external app unexpectedly. This issue only affects Android versions of Firefox.. This vulnerability was fixed in Firefox 136...

7.1CVSS6AI score0.0023EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/03/04 2:15 p.m.15 views

CVE-2025-1935

A web page could trick a user into setting that site as the default handler for a custom URL protocol. This vulnerability was fixed in Firefox 136, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...

4.3CVSS6.7AI score0.00316EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2025/03/04 12:0 a.m.4 views

PT-2025-9735 · Google +2 · Google Chrome +2

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 134.0.6998.35 Description: The issue is an out-of-bounds read in the V8 JavaScript engine in Google Chrome, allowing a remote attacker to perform out-of-bounds memory access via a crafted HTML page. This has a...

10CVSS6.1AI score0.00415EPSS
Exploits0References96
Tenable Nessus
Tenable Nessus
added 2025/03/03 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2011-0054

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in the JavaScript engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to...

10CVSS7.7AI score0.04554EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/03/02 12:0 a.m.5 views

PT-2025-10636

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 134.0.6998.88 Description A type confusion issue exists in the V8 JavaScript engine. This flaw allows a remote attacker to potentially cause heap corruption—a condition where memory is incorrectly allocated or...

10CVSS7.6AI score0.06387EPSS
Exploits1References67
SUSE CVE
SUSE CVE
added 2025/02/20 2:31 p.m.1 views

SUSE CVE-2025-0999

Heap buffer overflow in V8 in Google Chrome prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.6AI score0.00648EPSS
Exploits0References5
OSV
OSV
added 2025/02/15 2:15 a.m.1 views

DEBIAN-CVE-2025-0995

Use after free in V8 in Google Chrome prior to 133.0.6943.98 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS8.2AI score0.0046EPSS
Exploits0References1
Snyk
Snyk
added 2025/02/15 1:42 a.m.2 views

Use After Free

Overview org.webjars.npm:electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Use After Free through the V8 engine. An attacker can potentially exploit heap corruption by crafting a...

8.8CVSS6.9AI score0.0046EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.3 views

Astra Linux – Vulnerability in Zabbix

Within Zabbix, users have the ability to directly modify memory pointers in the JavaScript engine...

9.1CVSS7.8AI score0.00755EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/06 4:12 a.m.14 views

CVE-2021-40420

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 11.1.0.52543. A specially-crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user to open the...

8.8CVSS7.1AI score0.04687EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2025/02/06 12:0 a.m.12 views

CVE-2025-1011

A bug in WebAssembly code generation could have lead to a crash. It may have been possible for an attacker to leverage this to achieve code execution. This vulnerability was fixed in Firefox 135, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135...

9.8CVSS7.3AI score0.00585EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2025/02/06 12:0 a.m.12 views

CVE-2025-1009

An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. This vulnerability was fixed in Firefox 135, Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135...

9.8CVSS7.3AI score0.01163EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2025/02/05 7:54 p.m.9 views

CVE-2022-22150

A memory corruption vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 11.1.0.52543. A specially-crafted PDF document can trigger an exception which is improperly handled, leaving the engine in an invalid state, which can lead to memory corruption and arbitrary...

8.8CVSS7.3AI score0.01795EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 5:54 p.m.10 views

CVE-2019-5131

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader, version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick t...

8.8CVSS7.2AI score0.02422EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 1:46 p.m.7 views

CVE-2020-13557

A use after free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the...

8.8CVSS7.2AI score0.71145EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/02/05 1:42 p.m.8 views

CVE-2020-13547

A type confusion vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger an improper use of an object, resulting in memory corruption and arbitrary code execution. An attacker needs to trick the user to...

8.8CVSS7.3AI score0.02869EPSS
Exploits1
Rows per page
Query Builder