SAMSUNG Escargot 安全漏洞

SAMSUNG Escargot is a memory-optimized JavaScript engine developed by South Korea’s Samsung Corporation. It is suitable for mid-range devices such as smartphones, tablets, and TVs. SAMSUNG Escargot has a security vulnerability that stems from a heap buffer overflow, which may lead to out-of-bound...

SAMSUNG Escargot 安全漏洞

SAMSUNG Escargot is a memory-optimized JavaScript engine developed by South Korea’s Samsung Corporation. It is suitable for mid-range devices such as smartphones, tablets, and TVs. SAMSUNG Escargot has a security vulnerability that stems from out-of-bound reading operations, which may lead to...

SAMSUNG Escargot 安全漏洞

SAMSUNG Escargot is a memory-optimized JavaScript engine developed by South Korea’s Samsung Corporation. It is suitable for mid-range devices such as smartphones, tablets, and TVs. SAMSUNG Escargot has a security vulnerability that stems from out-of-bound writes, which may lead to buffer overflow...

SAMSUNG Escargot 安全漏洞

SAMSUNG Escargot is a memory-optimized JavaScript engine developed by South Korea’s Samsung Corporation. It is suitable for mid-range devices such as smartphones, tablets, and TVs. SAMSUNG Escargot has a security vulnerability that stems from integer overflow, which may lead to buffer overflow...

SAMSUNG Escargot 安全漏洞

SAMSUNG Escargot is a memory-optimized JavaScript engine developed by South Korea’s Samsung Corporation. It is suitable for mid-range devices such as smartphones, tablets, and TVs. SAMSUNG Escargot has a security vulnerability that stems from out-of-bound reading operations, which may lead to...

SAMSUNG Escargot 安全漏洞

SAMSUNG Escargot is a memory-optimized JavaScript engine developed by South Korea’s Samsung Corporation. It is suitable for mid-range devices such as smartphones, tablets, and TVs. SAMSUNG Escargot has a security vulnerability that stems from type confusion, which may lead to pointer manipulation...

Nocobase 安全漏洞

Nocobase is an open-source low-code platform developed by NocoBase. Versions of Nocobase 2.0.23 and earlier contained security vulnerabilities. These vulnerabilities were caused by improper use of the createSafeConsole function in the...

PT-2026-32377

Nitro PDF Pro for Windows 14.41.1.4 contains a heap use-after-free vulnerability in the implementation of the JavaScript method this.mailDoc. During execution, an internal XID object is allocated and then freed prematurely, after which the freed pointer is still passed into UI and logging helper...

CVE-2025-69624

Nitro PDF Pro for Windows 14.41.1.4 contains a NULL pointer dereference vulnerability in the JavaScript implementation of app.alert. When app.alert is called with more than one argument and the first argument evaluates to null for example, app.alertapp.activeDocs, true when app.activeDocs is null...

PT-2026-32416

GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that, in customizable analytics dashboards, could have allowed an authenticated user to execute arbitrary JavaScript in the context of other users' browsers due...

CVE-2025-69627

Nitro PDF Pro for Windows 14.41.1.4 contains a heap use-after-free vulnerability in the implementation of the JavaScript method this.mailDoc. During execution, an internal XID object is allocated and then freed prematurely, after which the freed pointer is still passed into UI and logging helper...

Oracle Linux 10 : nodejs24 (ELSA-2026-7675)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-7675 advisory. 1:24.14.1-2.0.2 - Rebuild to correct NVR 1:24.14.1-2.0.1 - Update upstream references Tenable has extracted the preceding description block directly...

PT-2026-32376

Nitro PDF Pro for Windows 14.41.1.4 contains a NULL pointer dereference vulnerability in the JavaScript implementation of app.alert. When app.alert is called with more than one argument and the first argument evaluates to null for example, app.alertapp.activeDocs, true when app.activeDocs is null...

PT-2026-32532

A security flaw has been discovered in nocobase plugin-workflow-javascript up to 2.0.23. This issue affects the function createSafeConsole of the file packages/plugins/@nocobase/plugin-workflow-javascript/src/server/Vm.js. Performing a manipulation results in sandbox issue. The attack can be...

Oracle Linux 8 : nodejs:24 (ELSA-2026-7670)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-7670 advisory. nodejs 1:24.14.1-2 - Update bundled nghttp2 to 1.68.1 Related: RHEL-151374 1:24.14.1-1 - Update to 24.14.0 Resolves: RHEL-151374 nodejs-nodemon 3.0.3-1...

Amazon Linux 2023 : nodejs24, nodejs24-devel, nodejs24-full-i18n (ALAS2023-2026-1578)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1578 advisory. A flaw in Node.js HTTP request handling causes an uncaught TypeError when a request is received with a header named proto and the application accesses req.headersDistinct. When this occurs,...

RHEL 9 : firefox (RHSA-2026:7841)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:7841 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

RHEL 8 : firefox (RHSA-2026:7842)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:7842 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

RHEL 10 : firefox (RHSA-2026:7843)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:7843 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

RHEL 9 : firefox (RHSA-2026:7845)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:7845 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...