Lucene search
K

11 matches found

RedHat Linux
RedHat Linux
added 2026/01/05 2:17 a.m.3 views

firefox: thunderbird: JIT miscompilation in the JavaScript Engine: JIT component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine: JIT component...

9.8CVSS5.7AI score0.00481EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/05 12:0 a.m.3 views

RHEL 8 : firefox (RHSA-2026:0015)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:0015 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

9.8CVSS8.3AI score0.00498EPSS
Exploits2References22
OSV
OSV
added 2025/12/17 3:48 p.m.4 views

CLSA-2025-1765986482 webkit2gtk3: Fix of 4 CVEs

CVE-2025-13502: fix out of bounds read and integer underflow by adding bounds checking and validating message delimiters - CVE-2025-43430: fix bbq jit compiler writing to wrong stack slots in wasm try/catch blocks - CVE-2025-43421: fix memory handling issues that cause unexpected process crashes...

8.8CVSS6AI score0.00956EPSS
Exploits0References1
CVE
CVE
added 2025/07/22 8:49 p.m.76 views

CVE-2025-8027

CVE-2025-8027 describes a 64-bit value handling bug in the Firefox/Thunderbird JavaScript engines: on 64-bit platforms IonMonkey-JIT writes only 32 bits of a 64-bit return value to the stack, while Baseline-JIT reads all 64 bits. This can disclose or mishandle information in the return value spac...

6.5CVSS6.6AI score0.00351EPSS
Exploits0References9Affected Software2
Debian CVE
Debian CVE
added 2025/07/22 8:49 p.m.6 views

CVE-2025-8027

On 64-bit platforms IonMonkey-JIT only wrote 32 bits of the 64-bit return value space on the stack. Baseline-JIT, however, read the entire 64 bits. This vulnerability was fixed in Firefox 141, Firefox ESR 115.26, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and...

6.5CVSS6.4AI score0.00351EPSS
Exploits0
Cvelist
Cvelist
added 2025/07/22 8:49 p.m.15 views

CVE-2025-8027 JavaScript engine only wrote partial return value to stack

On 64-bit platforms IonMonkey-JIT only wrote 32 bits of the 64-bit return value space on the stack. Baseline-JIT, however, read the entire 64 bits. This vulnerability was fixed in Firefox 141, Firefox ESR 115.26, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and...

0.00351EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/07/22 12:0 a.m.3 views

Mozilla Firefox ESR < 128.13

The version of Firefox ESR installed on the remote Windows host is prior to 128.13. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-58 advisory. - Memory safety bugs present in Firefox ESR 128.12, Thunderbird ESR 128.12, Firefox ESR 140.0, Thunderbird ESR 140....

9.8CVSS8.5AI score0.00472EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-47317

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: powerpc/bpf: Fix detecting BPF atomic instructions Commit 91c960b0056672 bpf: Rename BPFXADD...

3.3CVSS4.7AI score0.00174EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/03/04 12:0 a.m.7 views

PT-2025-9658 · Mozilla +10 · Firefox +10

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 136 Firefox ESR versions prior to 115.21 Firefox ESR versions prior to 128.8 Description: The issue arises when the JIT compiles WASM i32 return values on 64-bit CPUs, potentially picking up bits from leftover memory...

10CVSS8.6AI score0.1307EPSS
Exploits9References397
NVD
NVD
added 2022/11/01 8:15 p.m.21 views

CVE-2022-32923

A correctness issue in the JIT was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose internal states of the app...

6.5CVSS0.0091EPSS
Exploits0References8
OSV
OSV
added 2022/11/01 8:15 p.m.5 views

CVE-2022-32923

A correctness issue in the JIT was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose internal states of the app...

6.5CVSS7.6AI score
Exploits0References8
Rows per page
Query Builder