CVE-2021-21831

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user to open the...

CVE-2021-21870

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.4.37651. A specially crafted PDF document can trigger the reuse of previously free memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening a...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 browser allows a hacker to trigger a service failure.

The vulnerability of the JavaScript script handler in Google Chrome’s browser is related to type conversion errors. Exploiting this vulnerability could allow a malicious actor to cause service failures...

DEBIAN-CVE-2021-30563

Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

UBUNTU-CVE-2021-30561

Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

UBUNTU-CVE-2021-30563

Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Foxit Reader < 11.0.1 Multiple Vulnerabilities

According to its version, the Foxit Reader application installed on the remote Windows host is prior to 11.0.1. It is, therefore affected by multiple arbitrary code execution vulnerabilities due to a use-after-free flaw in the JavaScript engine. An authenticated, local attacker can exploit this b...

PT-2021-14823 · Foxit · Foxit Pdf Reader

Name of the Vulnerable Software and Affected Versions: Foxit Software’s PDF Reader version 11.0.0.49893 Description: A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader. A specially crafted PDF document can trigger the reuse of previously freed memory,...

Foxit Reader Field OnFocus event use-after-free vulnerability

Summary A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 11.0.0.49893. A specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user to open t...

CVE-2020-15660

Missing checks on Content-Type headers in geckodriver before 0.27.0 could lead to a CSRF vulnerability, that might, when paired with a specifically prepared request, lead to remote code execution...

Microsoft Edge 安全漏洞

Google Chrome is a web browser from Google, Inc. A security vulnerability exists in V8 in versions of Google Chrome prior to 92.0.4515.107. A remote attacker could use this vulnerability to execute arbitrary code on the system or cause a denial of service condition...

The vulnerability of Google Chrome’s V8 engine, related to the execution of operations beyond the buffer in memory, allows attackers to access confidential information or cause service failures.

The vulnerability of Google Chrome’s V8 engine is related to insufficient input validation. Exploiting this vulnerability can allow an attacker to access confidential information or cause service failures...

CVE-2021-0514

In several functions of the V8 library, there is a possible use after free due to a race condition. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

CVE-2021-29970

A malicious webpage could have triggered a use-after-free, memory corruption, and a potentially exploitable crash. This bug could only be triggered when accessibility was enabled.. This vulnerability affects Thunderbird 78.12, Firefox ESR 78.12, and Firefox 90...

VulnCheck KEV: CVE-2021-30563

Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft...

CVE-2021-29962

Firefox for Android would become unstable and hard-to-recover when a website opened too many popups. This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox 89...

CVE-2021-29968

When drawing text onto a canvas with WebRender disabled, an out of bounds read could occur. This bug only affects Firefox on Windows. Other operating systems are unaffected.. This vulnerability affects Firefox 89.0.1...

CVE-2021-29944

Lack of escaping allowed HTML injection when a webpage was viewed in Reader View. While a Content Security Policy prevents direct code execution, HTML injection is still possible. Note: This issue only affected Firefox for Android. Other operating systems are unaffected.. This vulnerability affec...

UBUNTU-CVE-2021-30551

Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Unspecified Vulnerability in JerryScript (CNVD-2021-42984)

JerryScript is a lightweight JavaScript engine . A security vulnerability exists in the parserparseobjectinitializer in js-parser-expr.c:3230 in JerryScript version 2.2.0. No details of the vulnerability are provided at this time...