57578 matches found
Astra Linux - уязвимость в chromium
In Google Chrome, memory access out of bounds in V8 before version 90.0.4430.85 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux - уязвимость в thunderbird
matrix-js-sdk is a client-server SDK for the Matrix messaging protocol, designed for JavaScript. Version 34.11.0 and earlier of matrix-js-sdk was vulnerable to client-side path traversal attacks through crafted MXC URIs. A malicious room member could trigger clients using matrix-js-sdk to send...
Astra Linux - уязвимость в libfastjson
JSON-C version 0.14 has an integer overflow issue, and there is a risk of out-of-bounds write operations through a large JSON file, as demonstrated by the printbufmemappend function...
Astra Linux - уязвимость в chromium
“Type Confusion in V8 in Google Chrome” before version 131.0.6778.108 allowed a remote attacker to potentially exploit object corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в firefox
JIT compilation errors in the JavaScript Engine: JIT component. This vulnerability has been fixed in Firefox 143.0.3...
Astra Linux - уязвимость в firefox
An attacker was able to insert an event handler into a privileged object, allowing arbitrary JavaScript execution in the parent process. Note: This vulnerability only affects Desktop Firefox; mobile versions of Firefox are not affected. This vulnerability applies to Firefox versions earlier than...
Astra Linux - уязвимость в nodejs
A OS command injection vulnerability exists in Node.js versions 14.20.0, 16.20.0, 18.5.0 due to an insufficient IsAllowedHost check. This vulnerability can be easily exploited, as the IsIPAddress function does not properly check whether an IP address is invalid before making DBS requests, thereby...
Astra Linux - уязвимость в chromium
In Google Chrome versions prior to 87.0.4280.88, uninitialized use of V8 allowed a remote attacker to obtain potentially sensitive information from process memory through a crafted HTML page...
Astra Linux - уязвимость в chromium
Type Confusion in V8 in Google Chrome before version 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux - уязвимость в chromium
The vulnerability allows a remote attacker to execute arbitrary code within a sandbox, through a crafted HTML page, using V8 in Google Chrome before version 131.0.6778.204. Chromium security severity: High...
Astra Linux - уязвимость в chromium
In V8 of Google Chrome, out-of-bounds memory access prior to version 131.0.6778.204 allowed a remote attacker to execute arbitrary code within a sandbox through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
In V8, the "out of bounds" reading in Google Chrome before version 91.0.4472.77 allowed a remote attacker to potentially exploit stack corruption through a crafted HTML page...
Astra Linux - уязвимость в chromium
Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в zabbix
Templates do not properly handle backticks as JavaScript string delimiters, and do not escape them as expected. Backticks have been used since ES6 for JavaScript template literals. If a template contains a Go template action within a JavaScript template literal, the contents of the action can be...
Astra Linux - уязвимость в firefox, thunderbird
If an out-of-memory condition occurs when creating a JavaScript global, the JavaScript realm may be deleted, while references to it continue to exist within a BaseShape. This could lead to a use-after-free situation, potentially causing a exploitable crash. This vulnerability affects Firefox ESR...
Astra Linux - уязвимость в libjettison-java
A stack overflow in Jettison prior to v1.5.2 allowed attackers to cause a Denial of Service DoS attack through crafted JSON data...
Astra Linux - уязвимость в chromium
A heap buffer overflow in V8 in Google Chrome prior to version 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption through a crafted script...
firefox: thunderbird: Use-after-free in the JavaScript Engine component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the JavaScript Engine component...
firefox: thunderbird: Invalid pointer in the JavaScript: WebAssembly component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Invalid pointer in the JavaScript: WebAssembly component...
firefox: thunderbird: Use-after-free in the JavaScript Engine component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the JavaScript Engine component...