CVE-2020-15658

The code for downloading files did not properly take care of special characters, which led to an attacker being able to cut off the file ending at an earlier position, leading to a different file type being downloaded than shown in the dialog. This vulnerability affects Firefox ESR 78.1, Firefox...

CVE-2020-15653

An iframe sandbox element with the allow-popups flag could be bypassed when using noopener links. This could have led to security issues for websites relying on sandbox configurations that allowed popups and hosted arbitrary content. This vulnerability affects Firefox ESR 78.1, Firefox 79, and...

DEBIAN-CVE-2020-6533

Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

DEBIAN-CVE-2020-6507

Out of bounds write in V8 in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

UBUNTU-CVE-2020-6507

Out of bounds write in V8 in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

UBUNTU-CVE-2020-6512

Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

UBUNTU-CVE-2020-6533

Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Google Chrome Type Obfuscation Vulnerability (CNVD-2020-43483)

Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A type-obfuscation vulnerability exists in V8 in versions prior to Google Chrome 84.0.4147.89, which can be exploited by an attacker to execute arbitrary code or...

CVE-2020-12420

When trying to connect to a STUN server, a race condition could have caused a use-after-free of a pointer, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR 68.10, Firefox 78, and Thunderbird 68.10.0...

CVE-2020-12415

When "%2F" was present in a manifest URL, Firefox's AppCache behavior may have become confused and allowed a manifest to be served from a subdirectory. This could cause the appcache to be used to service requests for the top level directory. This vulnerability affects Firefox 78...

CVE-2020-12425

Due to confusion processing a hyphen character in Date.parse, a one-byte out of bounds read could have occurred, leading to potential information disclosure. This vulnerability affects Firefox 78...

chromium-browser: Out of bounds write in V8

Out of bounds write in V8 in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Memory Corruption Vulnerability in ChakraCore

ChakraCore is the core part of an open source ChakraJavaScript scripting engine used in the Edge browser or as a separate JavaScript engine . A memory corruption vulnerability exists in ChakraCore, which can be exploited by attackers to cause a denial of service...

chromium-browser: Type Confusion in V8

Type confusion in V8 in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Fedora: Security Advisory for mozjs68 (FEDORA-2020-4334da4020)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Google Chrome V8 Information Disclosure Vulnerability (CNVD-2020-32315)

Google Chrome is a web browser of Google Google, U.S. V8 is one of the open source JavaScript engine. A security vulnerability exists in V8 in versions of Google Chrome prior to 14.0.0.0, which stems from the program failing to fully enforce policies. The vulnerability can be exploited by a remot...

Google Chrome V8 Buffer Overflow Vulnerability (CNVD-2020-32316)

Google Chrome is a web browser of Google Google, U.S. V8 is one of the open source JavaScript engine. A buffer overflow vulnerability exists in V8 in versions of Google Chrome prior to 81.0.4044.92. A remote attacker can exploit this vulnerability to cause heap corruption with the help of special...

Google Chrome V8 Buffer Overflow Vulnerability (CNVD-2020-32317)

Google Chrome is a web browser of Google Google, U.S. V8 is one of the open source JavaScript engine. A security vulnerability exists in V8 in versions of Google Chrome prior to 80.0.3987.162. A remote attacker can exploit this vulnerability to cause heap corruption with the help of specially...

UBUNTU-CVE-2020-6419

Out of bounds write in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2020-12408

When browsing a document hosted on an IP address, an attacker could insert certain characters to flip domain and path information in the address bar. This vulnerability affects Firefox 77...