Out Of Bounds Memory Access

chromium is vulnerable to Out Of Bounds Memory Access . The vulnerability is due to a flaw in the V8 JavaScript engine, allowing a remote attacker to perform out-of-bounds memory access via a crafted HTML page...

PT-2024-1166

The vulnerable software is Google Chrome, specifically the V8 JavaScript engine, which is also used in other Chromium-based browsers such as Microsoft Edge, Brave, and Opera. The issue is an out-of-bounds memory access vulnerability that can be exploited by attackers to trigger crashes or execute...

Type Confusion

chromium is vulnerable to Type Confusion. This vulnerability could allow an attacker to execute arbitrary code on a victim's computer by exploiting a flaw in the V8 JavaScript engine. The impact of this vulnerability is high, as it can be exploited by attackers to steal sensitive data, take contr...

Google Addresses High-Stakes Chrome Zero-Day Vulnerability

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Google tackles Chromes zero-day CVE-2023-3079 vulnerability, which is related to a weakness in the Chrome V8 JavaScript engine. It poses a significant threat by allowing attackers to execute...

Zero-Day Alert: Google Issues Patch for New Chrome Vulnerability - Update Now!

Google on Monday released security updates to patch a high-severity flaw in its Chrome web browser that it said is being actively exploited in the wild. Tracked as CVE-2023-3079, the vulnerability has been described as a type confusion bug in the V8 JavaScript engine. Clement Lecigne of Google's...

Zero-Day Alert: Google Issues Patch for New Chrome Vulnerability - Update Now!

Google on Monday released security updates to patch a high-severity flaw in its Chrome web browser that it said is being actively exploited in the wild. Tracked as CVE-2023-3079 , the vulnerability has been described as a type confusion bug in the V8 JavaScript engine. Clement Lecigne of Google's...

Google Releases Urgent Chrome Update to Fix Actively Exploited Zero-Day Vulnerability

Google on Friday released out-of-band updates to resolve an actively exploited zero-day flaw in its Chrome web browser, making it the first such bug to be addressed since the start of the year. Tracked as CVE-2023-2033, the high-severity vulnerability has been described as a type confusion issue ...

Hackers Create Malicious Dota 2 Game Modes to Secretly Access Players' Systems

An unknown threat actor created malicious game modes for the Dota 2 multiplayer online battle arena MOBA video game that could have been exploited to establish backdoor access to players' systems. The modes exploited a high-severity flaw in the V8 JavaScript engine tracked as CVE-2021-38003 CVSS...

Update now! Emergency fix for Google Chrome's V8 JavaScript engine zero-day flaw released

On Friday, December 2, Google rolled out an out-of-band patch for an actively exploited zero-day vulnerability in its V8 JavaScript engine. The flaw could allow attackers to cause a system crash or execute potentially malicious code. That means you'll want to update Chrome to patch against this...

Foxit Reader deletePages Field Calculate use-after-free vulnerability

Talos Vulnerability Report TALOS-2022-1600 Foxit Reader deletePages Field Calculate use-after-free vulnerability November 10, 2022 CVE Number CVE-2022-32774 SUMMARY A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.0.1.12430. By prematurely...

UBUNTU-CVE-2022-1134

Type confusion in V8 in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Google Patches Actively Exploited Chrome Bug

While people were celebrating the Fourth of July holiday in the United States, Google quietly rolled out a stable channel update for Chrome to patch an actively exploited zero-day vulnerability, the fourth such flaw the vendor has had to patch in its browser product so far this year. Chrome 103...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc. and V8 is an open source JavaScript engine. A security vulnerability exists in Google Chrome that stems from type obfuscation in V8...

Experts Detail New RCE Vulnerability Affecting Google Chrome Dev Channel

Details have emerged about a recently patched critical remote code execution vulnerability in the V8 JavaScript and WebAssembly engine used in Google Chrome and Chromium-based browsers. The issue relates to a case of use-after-free in the instruction optimization component, successful exploitatio...

KLA12530 Multiple vulnerabilities in Foxit Reader

Multiple vulnerabilities were found in Foxit Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability can be exploited remotely ...

Google Releases Urgent Chrome Update to Patch Actively Exploited Zero-Day Flaw

Google on Thursday shipped emergency patches to address two security issues in its Chrome web browser, one of which it says is being actively exploited in the wild. Tracked as CVE-2022-1364, the tech giant described the high-severity bug as a case of type confusion in the V8 JavaScript engine...

Security advisory: Recently reported Chromium "Type confusion" issue impacts Qt WebEngine

Google has recently reported that Chromium has a security issue - Type confusion in the V8 JavaScript engine - which is reported in a bit more detail here: https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop25.html. This has been assigned the CVE id CVE-2022-1096. This...

Heap overflow

V8 javascript engine heap vulnerability can cause privilege escalation ,which can impact on some webOS TV models...

CVE-2022-23731

V8 javascript engine heap vulnerability can cause privilege escalation ,which can impact on some webOS TV models...

Mageia: Security Advisory (MGASA-2014-0183)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...