4509 matches found
PT-2025-49852
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 146 Firefox ESR versions prior to 140.6 Thunderbird versions prior to 146 Thunderbird versions prior to 140.6 Description The JavaScript Engine contains a JIT miscompilation issue within the JIT component. This relate...
SUSE CVE-2024-12693
Out of bounds memory access in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
SUSE CVE-2024-12695
Out of bounds write in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
Google Chrome 安全漏洞
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a code execution vulnerability that is caused by an out-of-bounds write in V8. An attacker can exploit the vulnerability to execute arbitrary code on the system...
Google Chrome Type Obfuscation Vulnerability
Google Chrome is a free web browser developed by Google. It is the world's largest browser in terms of market share due to its speed, security, simplicity, multi-platform support and built-in privacy protection. Google Chrome suffers from a type confusion vulnerability that stems from the V8...
DEBIAN-CVE-2024-12381
Type Confusion in V8 in Google Chrome prior to 131.0.6778.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
PT-2024-9699 · Microsoft +4 · Edge +5
Name of the Vulnerable Software and Affected Versions: Chromium versions prior to 131.0.6778.204 Google Chrome versions prior to 131.0.6778.204 Microsoft Edge affected versions not specified Description: A vulnerability exists in the V8 JavaScript engine used by Google Chrome and Microsoft Edge...
SUSE CVE-2024-12381
Type Confusion in V8 in Google Chrome prior to 131.0.6778.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
Google Chrome 安全漏洞
Google Chrome is a WEB browser developed by Google Inc. Google Chrome V8 suffers from a use-after-release vulnerability that can be exploited by an attacker to execute arbitrary code...
PT-2024-9661
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 131.0.6778.139 Chromium versions prior to 131.0.6778.139 Description A type confusion issue exists in the V8 JavaScript engine component of Google Chrome and Chromium. This issue could allow a remote attacker to...
Spidermonkey: Multiple Vulnerabilities
Background SpiderMonkey is Mozilla’s JavaScript and WebAssembly Engine, used in Firefox, Servo and various other projects. It is written in C++, Rust and JavaScript. You can embed it into C++ and Rust projects, and it can be run as a stand-alone shell. Description Multiple vulnerabilities have be...
SUSE CVE-2024-12053
Type Confusion in V8 in Google Chrome prior to 131.0.6778.108 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Chromium security severity: High...
DEBIAN-CVE-2024-12053
Type Confusion in V8 in Google Chrome prior to 131.0.6778.108 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Chromium security severity: High...
Google Chrome 安全漏洞
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a code execution vulnerability that is caused by type confusion in V8. An attacker can exploit the vulnerability to execute arbitrary code on the system...
PT-2024-9999
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 131.0.6778.108 Description A type confusion issue exists in the V8 JavaScript engine, specifically involving WebAssembly where relative types leak from the type canonicalizer. This flaw allows a remote attacker ...
CVE-2024-42331
In the src/libs/zbxembed/browser.c file, the esbrowserctor method retrieves a heap pointer from the Duktape JavaScript engine. This heap pointer is subsequently utilized by the browserpusherror method in the src/libs/zbxembed/browsererror.c file. A use-after-free bug can occur at this stage if th...
CVE-2024-42331 Use after free in browser_push_error
In the src/libs/zbxembed/browser.c file, the esbrowserctor method retrieves a heap pointer from the Duktape JavaScript engine. This heap pointer is subsequently utilized by the browserpusherror method in the src/libs/zbxembed/browsererror.c file. A use-after-free bug can occur at this stage if th...
CVE-2024-42331 Use after free in browser_push_error
In the src/libs/zbxembed/browser.c file, the esbrowserctor method retrieves a heap pointer from the Duktape JavaScript engine. This heap pointer is subsequently utilized by the browserpusherror method in the src/libs/zbxembed/browsererror.c file. A use-after-free bug can occur at this stage if th...
CVE-2024-11696
The application failed to account for exceptions thrown by the loadManifestFromFile method during add-on signature verification. This flaw, triggered by an invalid or unsupported extension manifest, could have caused runtime errors that disrupted the signature validation process. As a result, the...
CVE-2024-11695
A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential spoofing attack. This vulnerability affects Firefox 133, Firefox ESR 128.5, Thunderbird 133, and Thunderbird 128.5...