CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

119 matches found

Positive Technologies•added 2026/05/06 12:0 a.m.•5 views

PT-2026-38542

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

7.5CVSS7.1AI score0.01495EPSS

Exploits2References21

Packet Storm News•added 2026/03/19 12:0 a.m.•0 views

Weaver: Fuzzing JavaScript Engines at the JavaScript-WebAssembly Boundary

The security of modern JavaScript JS engines is critical since they provide the primary defense mechanism for executing untrusted code on the web. The recent integration of WebAssembly Wasm has transformed these engines into complex polyglot environments, creating a novel attack surface at the...

6AI score

Exploits0

OSV•added 2025/10/09 5:59 p.m.•1 views

USN-7817-1 webkit2gtk vulnerabilities

9.8CVSS6.3AI score0.00554EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2014-1557

Malware in sbrugna...

7.5CVSS7.9AI score0.02581EPSS

Exploits1References40

Packet Storm News•added 2025/05/01 12:0 a.m.•6 views

PatchFuzz: Patch Fuzzing for JavaScript Engines

Patch fuzzing is a technique aimed at identifying vulnerabilities that arise from newly patched code. While researchers have made efforts to apply patch fuzzing to testing JavaScript engines with considerable success, these efforts have been limited to using ordinary test cases or publicly...

7.7AI score

Exploits0

Ubuntu•added 2024/05/28 10:49 a.m.•37 views

USN-6788-1: WebKitGTK vulnerabilities

8.1CVSS7.4AI score0.00008EPSS

Exploits0

OpenVAS•added 2024/04/16 12:0 a.m.•22 views

Ubuntu: Security Advisory (USN-6732-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.5AI score0.00672EPSS

Exploits0References2

OpenVAS•added 2024/02/13 12:0 a.m.•28 views

Ubuntu: Security Advisory (USN-6631-1)

8.8CVSS8.2AI score0.00618EPSS

Exploits6References4

OpenVAS•added 2023/10/11 12:0 a.m.•30 views

Ubuntu: Security Advisory (USN-6426-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.7AI score0.24165EPSS

Exploits3References4

Ubuntu•added 2023/10/10 3:9 p.m.•78 views

USN-6426-1: WebKitGTK vulnerabilities

8.8CVSS8.2AI score0.24165EPSS

Exploits3

Ubuntu•added 2023/07/31 12:32 p.m.•61 views

USN-6264-1: WebKitGTK vulnerabilities

8.8CVSS7.7AI score0.0116EPSS

Exploits1

SUSE CVE•added 2023/02/15 6:10 a.m.•2 views

SUSE CVE-2007-5340

Multiple vulnerabilities in the Javascript engine in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service crash via crafted HTML that triggers memory corruption...

4.3CVSS8.5AI score0.1485EPSS

Exploits1References5

SUSE CVE•added 2023/02/15 5:31 a.m.•1 views

SUSE CVE-2014-1481

Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines...

7.5CVSS8.9AI score0.02581EPSS

Exploits1References10

Ubuntu•added 2022/11/17 1:4 p.m.•49 views

USN-5730-1: WebKitGTK vulnerabilities

8.8CVSS6.6AI score0.0092EPSS

Exploits0

OpenVAS•added 2022/09/16 12:0 a.m.•15 views

Ubuntu: Security Advisory (USN-5611-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.2AI score0.00088EPSS

Exploits0References4

OSV•added 2022/06/01 11:24 a.m.•0 views

USN-5457-1 webkit2gtk vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

8.8CVSS7.4AI score0.00937EPSS

Exploits0References6

OSV•added 2022/04/28 12:40 p.m.•0 views

USN-5394-1 webkit2gtk vulnerabilities

8.8CVSS7AI score0.29989EPSS

Exploits0References5

OSV•added 2022/01/06 2:54 p.m.•1 views

USN-5213-1 webkit2gtk vulnerabilities

6.5CVSS7AI score0.01217EPSS

Exploits0References3

OSV•added 2021/11/01 1:43 p.m.•1 views

USN-5127-1 webkit2gtk vulnerabilities

8.8CVSS7AI score0.00769EPSS

Exploits1References4

Schneier on Security•added 2021/03/18 11:17 a.m.•42 views

Exploiting Spectre Over the Internet

Google has demonstrated exploiting the Spectre CPU attack remotely over the web: Today, were sharing proof-of-concept PoC code that confirms the practicality of Spectre exploits against JavaScript engines. We use Google Chrome to demonstrate our attack, but these issues are not specific to Chrome...

1.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by