JerryScript ecma-helpers-string.c Denial of Service Vulnerability

JerryScript is a lightweight JavaScript engine from the JerryScript project.JerryScript has a denial-of-service vulnerability in version 3.0.0, which stems from a failed assertion in /base/ecma-helpers-string.c. An attacker could use this vulnerability to launch a denial of service...

JerryScript ecma-objects.c denial of service vulnerability

JerryScript, a lightweight JavaScript engine from the JerryScript project, has a denial-of-service vulnerability in version 3.0.0, which stems from a failed assertion in /jerry-core/ecma/operations/ecma-objects.c , an attacker could use this vulnerability to launch a denial of service...

JerryScript js-parser-expr.c denial-of-service vulnerability

JerryScript is a lightweight JavaScript engine from the JerryScript project.JerryScript has a denial of service vulnerability in version 3.0.0, which stems from an assertion failure in /jerry-core/parser/js/js-parser-expr.c. An attacker could use this vulnerability to launch a denial of service...

Jerryscript stack buffer overflow vulnerability

JerryScript is a lightweight JavaScript engine from the JerryScript project. jerryscript has a stack buffer overflow vulnerability in version 3.0.0, which stems from vmloop.ltopriv.304 in /jerry-core/vm/vm.c when handling untrusted input with a boundary error. An attacker could exploit this...

JerryScript ecma-helpers-value.c denial-of-service vulnerability

JerryScript, a lightweight JavaScript engine from the JerryScript project, has a denial-of-service vulnerability in version 3.0.0, which stems from a failed assertion in /jerry-core/ecma/base/ecma-helpers-value.c , an attacker could use this vulnerability to launch a denial of service...

JerryScript 安全漏洞

JerryScript is a lightweight JavaScript engine from the JerryScript project.JerryScript has a denial-of-service vulnerability in version 3.0.0, which stems from an assertion failure in /jerry-core/lit/lit-strings.c. An attacker could use this vulnerability to launch a denial of service...

JerryScript 安全漏洞

JerryScript, a lightweight JavaScript engine from the JerryScript project, has a security vulnerability in JerryScript 3.0.0, which stems from /parser/js/js-scanner.cscannerscan statementend has an assertion contextp-stacktopuint8 == SCANSTACKTRYSTATEMENT || contextp-stacktopuint8 ==...

Microsoft ChakraCore 安全漏洞

Microsoft ChakraCore is the core part of an open source Chakra JavaScript scripting engine used in the Edge browser by Microsoft USA and can also be used as a standalone JavaScript engine. The vulnerability stems from an assertion pFuncBody-GetYieldRegister == oldYieldRegister failure in...

CVE-2022-22747

After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. This crash is believed to be unexploitable. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

CVE-2022-22737

Constructing audio sinks could have lead to a race condition when playing audio files and closing windows. This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

CVE-2022-22752

Mozilla developers Christian Holler and Jason Kratzer reported memory safety bugs present in Firefox 95. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox...

CVE-2022-22742

When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access causing a potentially exploitable crash. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

CVE-2022-22743

When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

CVE-2022-22738

Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

Ubuntu: Security Advisory (USN-5213-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc. A code execution vulnerability exists in Google Chrome V8, which can be exploited by remote attackers to execute arbitrary code or cause a denial of service condition on a system...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to bypass existing security restrictions.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine arises from the simultaneous execution using a shared resource with incorrect synchronization in the “Race Situation” mode. Exploiting this vulnerability allows an attacker to bypass existing security restrictions...

DEBIAN-CVE-2021-4078

Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

DEBIAN-CVE-2021-4061

Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Markdown To Pdf 输入验证错误漏洞

Markdown To Pdf is a simple and crackable Cli tool from the individual developer Simon Hanisch in Germany. It is used to convert Markdown to pdf. An input validation error vulnerability exists in Markdown To Pdf, which stems from the product's use of gray-matter to parse front-end content when th...