4444 matches found
CVE-2019-17018
When in Private Browsing Mode on Windows 10, the Windows keyboard may retain word suggestions to improve the accuracy of the keyboard. This vulnerability affects Firefox 72...
CVE-2019-17015
During the initialization of a new content process, a pointer offset can be manipulated leading to memory corruption and a potentially exploitable crash in the parent process. Note: this issue only occurs on Windows. Other operating systems are unaffected.. This vulnerability affects Firefox ESR...
Mozilla Updates Firefox Browser: Zero-Day Bug Patched, Fingerprinting Nixed
UPDATE Mozilla patched a critical vulnerability actively being exploited in the wild with its latest update to the Firefox browser. Mozilla said in a security bulletin Wednesday that it was “aware of targeted attacks in the wild that were abusing the flaw. A successful attack “could make it...
chromium-browser: Out of bounds write in V8
Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
chromium-browser: Type Confusion in V8
Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
chromium-browser: Type Confusion in V8
Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2013-1689
Mozilla Firefox 20.0a1 and earlier allows remote attackers to cause a denial of service crash, related to event handling with frames...
The vulnerability of the V8 component in the Google Chrome browser allows a hacker to trigger a service failure.
The vulnerability of the V8 component in Google Chrome browser is related to reading beyond the buffer limit. Exploiting this vulnerability can allow a malicious actor to cause a service failure through a specially created HTML page...
The vulnerability in the V8 browser kernel of Google Chrome, which allows a hacker to trigger a service failure.
The vulnerability of Google Chrome’s V8 browser kernel relates to reading beyond the buffer boundaries. Exploiting this vulnerability can allow a malicious actor to trigger a service failure through a specially created HTML page...
The vulnerability of the V8 component in the Google Chrome browser allows attackers to disclose protected information.
The vulnerability of the V8 component in the Google Chrome browser is related to reading beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose sensitive information using a specially created PDF file...
CVE-2019-17005
The plain text serializer used a fixed-size array for the number of elements it could process; however it was possible to overflow the static-sized array leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 68.3, Firefox ESR 68.3, and Firefox 71...
CVE-2019-11756
Improper refcounting of soft token session objects could cause a use-after-free and crash likely limited to a denial of service. This vulnerability affects Firefox 71...
CVE-2019-17012
Mozilla developers reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird 68.3,...
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code through a specially created HTML page...
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine exists due to a mix of types in V8. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...
DEBIAN-CVE-2019-5878
Use after free in V8 in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
October 8, 2019—KB4520007 (Monthly Rollup)
October 8, 2019—KB4520007 Monthly Rollup Improvements and fixes This security update includes improvements and fixes that were a part of update KB4516069released September 24, 2019 and addresses the following issues: Addresses an issue with applications and printer drivers that utilize the Window...
October 8, 2019—KB4520005 (Monthly Rollup)
October 8, 2019—KB4520005 Monthly Rollup Improvements and fixes This security update includes improvements and fixes that were a part of update KB4516041released September 24, 2019 and addresses the following issues: Addresses an issue with applications and printer drivers that utilize the Window...
Foxit PhantomPDF 8.x < 8.3.12 / 9.x < 9.7 Multiple Vulnerabilities
According to its version, the Foxit PhantomPDF application formally known as Phantom installed on the remote Windows host is prior to 8.x 8.3.12 / 9.x 9.7. It is, therefore affected by multiple vulnerabilities: - An out-of-bounds error exists in the V8 JavaScript engine. An unauthenticated, remot...
Mozilla Firefox ESR < 17.0.10 Multiple Vulnerabilities
Binary data 701239.prm...