Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 2019/10/10 9:41 a.m.32 views

CVE-2018-12387

A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as part of an exploit inside the sandboxed content...

9.1CVSS1.7AI score0.32347EPSS
Exploits2References2
OSV
OSVadded 2018/10/18 1:29 p.m.4 views

CVE-2018-12387

A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as part of an exploit inside the sandboxed content...

9.1CVSS6.9AI score
Exploits0References9
UbuntuCve
UbuntuCveadded 2018/10/03 12:0 a.m.27 views

CVE-2018-12387

A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as part of an exploit inside the sandboxed content...

9.1CVSS7.2AI score0.32347EPSS
Exploits2References3
ALT Linux
ALT Linuxadded 2018/10/02 12:0 a.m.30 views

Security fix for the ALT Linux 10 package firefox-esr version 60.2.2-alt1

Oct. 2, 2018 Andrey Cherepanov 60.2.2-alt1 - New ESR version 60.2.2 - Fixed: + CVE-2018-12386 Type confusion in JavaScript + CVE-2018-12387 JavaScript JIT compiler inlines Array.prototype.push with multiple arguments...

6.4CVSS7.1AI score0.3799EPSS
Exploits3
Mozilla
Mozillaadded 2018/10/02 12:0 a.m.548 views

Security vulnerabilities fixed in Firefox 62.0.3 and Firefox ESR 60.2.2 — Mozilla

A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with...

9.1CVSS1.6AI score0.3799EPSS
Exploits3References2Affected Software2
exploitpack
exploitpackadded 2018/02/15 12:0 a.m.15 views

Microsoft Edge Chakra JIT - NewScObjectNoCtor Array Type Confusion

Microsoft Edge Chakra JIT - NewScObjectNoCtor Array Type Confusion / This is similar to the previous issues 1457, 1459 MSRC 42551, MSRC 42552. If a JavaScript function is used as a consturctor, it sets the new object's "proto" to its "prototype". The JIT compiler uses NewScObjectNoCtor instructio...

0.2AI score
Exploits0
Tenable Nessus
Tenable Nessusadded 2017/01/31 12:0 a.m.23 views

Mozilla Firefox ESR < 45.7 Multiple Vulnerabilities

Binary data 9928.prm...

9.8CVSS7.7AI score0.58393EPSS
Exploits16References12
OPENSUSE Linux
OPENSUSE Linuxadded 2016/05/04 3:8 p.m.38 views

Security update update for MozillaFirefox, mozilla-nss (important)

This update to Mozilla Firefox 46.0 fixes several security issues and bugs boo977333. The following vulnerabilities were fixed: - CVE-2016-2804: Miscellaneous memory safety hazards - MFSA 2016-39 boo977373 - CVE-2016-2806: Miscellaneous memory safety hazards - MFSA 2016-39 boo977375 -...

10CVSS0.5AI score0.02136EPSS
Exploits0References10
Rows per page
Query Builder