DEBIAN-CVE-2021-21195

Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Google Chrome 资源管理错误漏洞

Chrome is a simple and efficiently designed web browsing tool developed by Google. A post-release reuse vulnerability exists in V8 in versions prior to Google Chrome 89.0.4389.114. A programmed attacker can exploit this vulnerability to cause heap damage via a crafted HTML page...

Node.js: Unexpected input validation of octal literals in nodejs v15.12.0 and below returns defined values for all undefined octal literals.

Summary: Unexpected input validation of octal literals in the nodejs implementation of V8 JavaScript engine V8 9.0.257.13 and below returns defined values for all undefined octal literals where otherwise should return undefined. Input data 08, 09... 078, 079 should return undefined, as evinced by...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine, related to writing beyond the buffer limit, allows attackers to access sensitive data, compromise its integrity, and cause service failures.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to gain access to sensitive data, compromise its integrity, and cause service failures...

JerryScript suffers from a denial of service vulnerability (CNVD-2021-25996)

JerryScript is a lightweight JavaScript engine . A denial of service vulnerability exists in JerryScript, which can be exploited by an attacker to cause a denial of service...

JerryScript suffers from a denial of service vulnerability (CNVD-2021-25990)

JerryScript is a lightweight JavaScript engine . A denial of service vulnerability exists in JerryScript, which can be exploited by an attacker to cause a denial of service...

JerryScript suffers from a denial of service vulnerability (CNVD-2021-25997)

JerryScript is a lightweight JavaScript engine . A denial of service vulnerability exists in JerryScript, which can be exploited by an attacker to cause a denial of service...

JerryScript has a binary vulnerability (CNVD-2021-25983)

JerryScript is a lightweight JavaScript engine . A binary vulnerability exists in JerryScript, which can be exploited by attackers to cause a denial of service...

JerryScript suffers from a denial of service vulnerability (CNVD-2021-25995)

JerryScript is a lightweight JavaScript engine . A denial of service vulnerability exists in JerryScript, which can be exploited by an attacker to cause a denial of service...

JerryScript suffers from a denial of service vulnerability (CNVD-2021-26018)

JerryScript is a lightweight JavaScript engine . A denial of service vulnerability exists in JerryScript, which can be exploited by an attacker to cause a denial of service...

JerryScript suffers from a denial of service vulnerability (CNVD-2021-25987)

JerryScript is a lightweight JavaScript engine . A denial of service vulnerability exists in JerryScript, which can be exploited by an attacker to cause a denial of service...

JerryScript suffers from a denial of service vulnerability (CNVD-2021-25986)

JerryScript is a lightweight JavaScript engine . A denial of service vulnerability exists in JerryScript, which can be exploited by an attacker to cause a denial of service...

CVE-2021-23987

Mozilla developers and community members reported memory safety bugs present in Firefox 86 and Firefox ESR 78.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects...

CVE-2021-23983

By causing a transition on a parent node by removing a CSS rule, an invalid property for a marker could have been applied, resulting in memory corruption and a potentially exploitable crash. This vulnerability affects Firefox 87...

CVE-2021-23982

Using techniques that built on the slipstream research, a malicious webpage could have scanned both an internal network's hosts as well as services running on the user's local machine utilizing WebRTC connections. This vulnerability affects Firefox ESR 78.9, Firefox 87, and Thunderbird 78.9...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to access sensitive data, compromise its integrity, and cause service failures.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine relates to access to data without type control. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service failures...

UBUNTU-CVE-2021-21169

Out of bounds memory access in V8 in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page...

CVE-2021-23977

Firefox for Android suffered from a time-of-check-time-of-use vulnerability that allowed a malicious application to read sensitive data from application directories. Note: This issue is only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox 8...

CVE-2021-23959

An XSS bug in internal error pages could have led to various spoofing attacks, including other error pages and the address bar. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox 85...

CVE-2021-23970

Context-specific code was included in a shared jump table; resulting in assertions being triggered in multithreaded wasm code. This vulnerability affects Firefox 86...