144 matches found
CVE-2020-26952
Incorrect bookkeeping of functions inlined during JIT compilation could have led to memory corruption and a potentially exploitable crash when handling out-of-memory errors. This vulnerability affects Firefox 83...
Remote Code Execution
firefox is vulnerable to remote code execution. Incorrect bookkeeping of functions inlined during JIT compilation allows an attacker to execute arbitrary code in the context of the victim by tricking the user into visiting a malicious web site. The vulnerability also allows a remote attacker to...
CVE-2020-26952
Incorrect bookkeeping of functions inlined during JIT compilation could have led to memory corruption and a potentially exploitable crash when handling out-of-memory errors. This vulnerability affects Firefox 83...
CVE-2019-20454
An out-of-bounds read was discovered in PCRE when the pattern "\X" is JIT compiled and used to match specially crafted subjects in non-UTF mode. Applications that use PCRE to process untrusted input may be vulnerable to this flaw. An attacker could use this flaw to crash the application...
CVE-2019-20454
An out-of-bounds read was discovered in PCRE before 10.34 when the pattern \X is JIT compiled and used to match specially crafted subjects in non-UTF mode. Applications that use PCRE to parse untrusted input may be vulnerable to this flaw, which would allow an attacker to crash the application. T...
UBUNTU-CVE-2019-20454
An out-of-bounds read was discovered in PCRE before 10.34 when the pattern \X is JIT compiled and used to match specially crafted subjects in non-UTF mode. Applications that use PCRE to parse untrusted input may be vulnerable to this flaw, which would allow an attacker to crash the application. T...
PT-2019-6339 · Pcre +7 · Pcre +7
Name of the Vulnerable Software and Affected Versions: PCRE versions prior to 10.34 Description: An out-of-bounds read was discovered in PCRE when the pattern X is JIT compiled and used to match specially crafted subjects in non-UTF mode. This issue affects applications that use PCRE to parse...
Spidermonkey - IonMonkey Type Inference is Incorrect for Constructors Entered via OSR
/ A bug in IonMonkeys type inference system when JIT compiling and entering a constructor function via on-stack replacement OSR allows the compilation of JITed functions that cause type confusions between arbitrary objects. Prerequisites: 1. Spidermonkey can represent "plain" objects either as...
CVE-2019-9977
The renderer process in the entertainment system on Tesla Model 3 vehicles mishandles JIT compilation, which allows attackers to trigger firmware code execution, and display a crafted message to vehicle occupants...
Design/Logic Flaw
The renderer process in the entertainment system on Tesla Model 3 vehicles mishandles JIT compilation, which allows attackers to trigger firmware code execution, and display a crafted message to vehicle occupants...
CVE-2019-9977
CVE-2019-9977 affects the Tesla Model 3 entertainment system: the renderer process mishandles JIT compilation, enabling an attacker to trigger firmware code execution and display a crafted message to occupants. Documents across NVD, Red Hat, and CVE listings confirm this issue; CVSS3 base score i...
CVE-2019-9977
The renderer process in the entertainment system on Tesla Model 3 vehicles mishandles JIT compilation, which allows attackers to trigger firmware code execution, and display a crafted message to vehicle occupants...
Microsoft Chakra JavaScript Loop Type Confusion Vulnerability
This vulnerability allows remote attackers to produce abnormal program execution on vulnerable installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Bypassing Mitigations by Attacking JIT Server in Microsoft Edge
Posted by Ivan Fratric, Project Zero With Windows 10 Creators Update, Microsoft introduced a new security mitigation in Microsoft Edge: Arbitrary Code Guard ACG. When ACG is applied to a Microsoft Edge Content Process, it makes it impossible to allocate new executable memory within a process or...
Microsoft Edge Chakra JIT - BailOutOnTaggedValue Bailouts Type Confusion
Microsoft Edge Chakra JIT - BailOutOnTaggedValue Bailouts Type Confusion / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1364 1. In the Chakra's JIT compilation process, it stores variables' type information by basic block. function optb let o; if b // BASIC BLOCK a o = ; else...
[SECURITY] Fedora 22 Update: pypy3-2.4.0-3.fc22
PyPy's implementation of Python 3, featuring a Just-In-Time compiler on som e CPU architectures, and various optimized implementations of the standard types strings, dictionaries, etc This build of PyPy has JIT-compilation enabled...
The vulnerability of the SeaMonkey software allows a malicious attacker to execute arbitrary code or cause a service failure.
The vulnerability of the asm.js component of the SeaMonkey software lies in the improper definition of safe exception handling during JIT-compilation and the lack of access to dynamic memory. Exploiting this vulnerability allows a malicious actor to gain access to data in separate memory segments...
Linux Kernel '/arch/x86/net/bpf_jit_comp.c' Local Denial of Service Vulnerability
The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A denial of service vulnerability exists in the Linux kernel. An attacker could exploit this vulnerability to crash an application and deny service to legitimate users...
Design/Logic Flaw
The asm.js implementation in Mozilla Firefox before 36.0.3, Firefox ESR 31.x before 31.5.2, and SeaMonkey before 2.33.1 does not properly determine the cases in which bounds checking may be safely skipped during JIT compilation and heap access, which allows remote attackers to read or write to...
CVE-2015-0817
The asm.js implementation in Mozilla Firefox before 36.0.3, Firefox ESR 31.x before 31.5.2, and SeaMonkey before 2.33.1 does not properly determine the cases in which bounds checking may be safely skipped during JIT compilation and heap access, which allows remote attackers to read or write to...