Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a code execution vulnerability that stems from the MarkStack assignment operator, which is part of the JavaScript engine and can access uninitialized memory if used for...

DEBIAN-CVE-2024-3156

Inappropriate implementation in V8 in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

SUSE CVE-2024-3159

Out of bounds memory access in V8 in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

PT-2024-3274 · Google +4 · Google Chrome +5

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 123.0.6312.105 Description: The issue is related to an inappropriate implementation in V8, allowing a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. This could enabl...

CVE-2024-29944

An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process. Note: This vulnerability affects Desktop Firefox only, it does not affect mobile versions of Firefox. This vulnerability affects Firefox 124.0.1 and...

CVE-2024-29943

An attacker was able to perform an out-of-bounds read or write on a JavaScript object by fooling range-based bounds check elimination. This vulnerability affects Firefox 124.0.1...

SUSE CVE-2024-2625

Object lifecycle issue in V8 in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Chromium security severity: High...

CVE-2024-2606

Passing invalid data could have led to invalid wasm values being created, such as arbitrary integers turning into pointer values. This vulnerability affects Firefox 124...

CVE-2024-2609

The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This vulnerability affects Firefox 124, Firefox ESR 115.10, and Thunderbird 115.10...

CVE-2024-2605

An attacker could have leveraged the Windows Error Reporter to run arbitrary code on the system escaping the sandbox. Note: This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9...

Out Of Bounds Memory Access

chromium is vulnerable to Out Of Bounds Memory Access . The vulnerability is due to a flaw in the V8 JavaScript engine, allowing a remote attacker to perform out-of-bounds memory access via a crafted HTML page...

DEBIAN-CVE-2024-2173

Out of bounds memory access in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to type mixing errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

DEBIAN-CVE-2024-1939

Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

DEBIAN-CVE-2024-1938

Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Chromium security severity: High...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a type obfuscation vulnerability that stems from the presence of type obfuscation in V8. No detailed vulnerability details are provided at this time...

PT-2024-1906 · Google +4 · Google Chrome +4

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 122.0.6261.94 Description: The issue is related to a type confusion in the V8 JavaScript engine of Google Chrome, which can lead to object corruption. A remote attacker can potentially exploit this issue via a...

CVE-2024-1552

Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior.Note: This issue only affects 32-bit ARM devices. This vulnerability affects Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8...

CVE-2024-1556

The incorrect object was checked for NULL in the built-in profiler, potentially leading to invalid memory access and undefined behavior. Note: This issue only affects the application when the profiler is running. This vulnerability affects Firefox 123...

CVE-2024-1555

When opening a website using the firefox:// protocol handler, SameSite cookies were not properly respected. This vulnerability affects Firefox 123...