CVE-2023-28159

The fullscreen notification could have been hidden on Firefox for Android by using download popups, resulting in potential user confusion or spoofing attacks. This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox 111...

SUSE CVE-2023-2936

Type Confusion in V8 in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

SUSE CVE-2023-2935

Type Confusion in V8 in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

DEBIAN-CVE-2023-2935

Type Confusion in V8 in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. A code execution vulnerability exists in the Google Chrome V8 component that stems from a type confusion issue in the V8 module. An attacker can exploit this vulnerability to execute arbitrary code on a system or cause an applicatio...

PT-2023-3621 · Google +2 · Google Chrome +2

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 114.0.5735.90 Description: The issue is related to a type confusion in the V8 JavaScript engine, allowing a remote attacker to potentially exploit heap corruption via a crafted HTML page. This could lead to a...

Facebook Hermes 安全漏洞

Facebook Hermes is a JavaScript engine from Facebook Inc. in the United States. The engine is targeted at React Native applications to improve the performance of mobile client apps, but is not applicable to server-side infrastructures such as browsers & Node.js. Facebook Hermes...

Facebook Hermes 安全漏洞

Facebook Hermes is a JavaScript engine from Facebook Inc. in the United States. The engine is targeted at React Native applications to improve the performance of mobile client application apps, but not for server-side infrastructures such as browser & Node.js. Facebook Hermes has a security...

Facebook Hermes 代码问题漏洞

Facebook Hermes is a JavaScript engine from Facebook Inc. in the United States. The engine is targeted at React Native applications to improve the performance of mobile client application apps, but not for server-side infrastructures such as browsers & Node.js. Facebook Hermes has a security...

JerryScript ecma_big_uint_div_mod function denial of service vulnerability

JerryScript is a lightweight JavaScript engine Jerryscript project . A denial of service vulnerability exists in the JerryScript ecmabiguintdivmod function, which can be exploited by an attacker to cause a denial of service...

JerryScript parser_parse_function_arguments function denial of service vulnerability

JerryScript is a lightweight JavaScript engine Jerryscript project . A denial of service vulnerability exists in the JerryScript parserparsefunctionarguments function, which can be exploited by an attacker to cause a denial of service...

JerryScript parser_parse_class function denial of service vulnerability

JerryScript is a lightweight JavaScript engine Jerryscript project . A denial of service vulnerability exists in the JerryScript parserparseclass function, which can be exploited by an attacker to cause a denial of service...

DEBIAN-CVE-2023-2724

Type confusion in V8 in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

PT-2023-3582 · Google +3 · Google Chrome +3

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 113.0.5672.126 Description: The issue is related to type confusion in the V8 JavaScript engine, allowing a remote attacker to potentially exploit heap corruption via a crafted HTML page. This could impact the...

QuickJS 缓冲区错误漏洞

QuickJS is a small and embeddable Javascript engine. A security vulnerability exists in QuickJS, which is caused by a stack overflow...

CVE-2023-32212

An attacker could have positioned a datalist element to obscure the address bar. This vulnerability affects Firefox 113, Firefox ESR 102.11, and Thunderbird 102.11...

CVE-2023-32216

Mozilla developers and community members Ronald Crane, Andrew McCreight, Randell Jesup and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 112. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been...

CVE-2023-32211

A type checking bug would have led to invalid code being compiled. This vulnerability affects Firefox 113, Firefox ESR 102.11, and Thunderbird 102.11...

CVE-2023-32210

Documents were incorrectly assuming an ordering of principal objects when ensuring we were loading an appropriately privileged principal. In certain circumstances it might have been possible to cause a document to be loaded with a higher privileged principal than intended. This vulnerability...

CVE-2023-32205

In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks. This vulnerability affects Firefox 113, Firefox ESR 102.11, and Thunderbird 102.11...