The vulnerability of the JavaScript script handler in Google Chrome’s V8 browser allows attackers to compromise data integrity, cause service failures, or gain unauthorized access to confidential information.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 browser is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to compromise data integrity, cause service failures, or gain unauthorized access to...

CVE-2020-6819

Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird 68.7.0, Firefox 74.0.1, and Firefox ESR 68.6.1...

chromium-browser: Inappropriate implementation in V8

Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

UBUNTU-CVE-2020-6426

Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Microsoft Patch Tuesday March 2020: a new record was set, SMBv3 “Wormable” RCE and updates for February goldies

SMBv3 "Wormable" RCE Without a doubt, the hottest Microsoft vulnerability in March 2020 is the "Wormable" Remote Code Execution in SMB v3 CVE-2020-0796. The most commonly used names for this vulnerability are EternalDarkness, SMBGhost and CoronaBlue. There was a strange story of how it was...

CVE-2020-6805

When removing data about an origin whose tab was recently closed, a use-after-free could occur in the Quota manager, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 68.6, Firefox 74, Firefox ESR68.6, and Firefox ESR 68.6...

chromium-browser: Type confusion in V8

Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine exists due to a mix of types in V8. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to access sensitive data, compromise its integrity, and cause service failures.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to a numerical overflow condition. Exploiting this vulnerability can allow an attacker to access sensitive data, compromise its integrity, and even cause service failures through a specially crafted HTML pa...

DEBIAN-CVE-2020-6379

Use after free in V8 in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2020-6801

Mozilla developers reported memory safety bugs present in Firefox 72. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 73...

chromium-browser: use-after-free in speech recognizer

Use after free in V8 in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

October 3, 2019—KB4524150 (OS Build 16299.1421)

October 3, 2019—KB4524150 OS Build 16299.1421 IMPORTANT This is a required security update that expands the out-of-band update dated September 23, 2019. This security update includes the Internet Explorer scripting engine security vulnerability CVE-2019-1367 mitigation and corrects a recent...

Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2017-1150)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Foxit Reader Memory Misreference Vulnerability (CNVD-2020-04107)

Foxit Reader old name: Foxit PDF Reader is a set of software used to read PDF format files, by Fujian Foxit Software developed by Foxit Reader is a set of free to use the software, the operating system is mainly based on Microsoft Windows, and as long as there is a Win32 implementation of the...

Foxit Reader Memory Misreference Vulnerability (CNVD-2020-04097)

Foxit Reader old name: Foxit PDF Reader is a set of software used to read PDF format files, by Fujian Foxit Software developed by Foxit Reader is a set of free to use the software, the operating system is mainly based on Microsoft Windows, and as long as there is a Win32 implementation of the...

Foxit Reader Memory Misreference Vulnerability (CNVD-2020-04108)

Foxit Reader old name: Foxit PDF Reader is a set of software used to read PDF format files, by Fujian Foxit Software developed by Foxit Reader is a set of free to use the software, the operating system is mainly based on Microsoft Windows, and as long as there is a Win32 implementation of the...

CVE-2019-5126

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit PDF Reader, version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open t...

CVE-2019-5131

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader, version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick t...

CVE-2019-5126

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit PDF Reader, version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open t...