V8 Security Vulnerabilities and Issues — V8 CVE List

Lucene search

GoogleV8

17 matches found

CVE•added 2014/05/21 11:14 a.m.•178 views

CVE-2014-3152

Integer underflow in the LCodeGen::PrepareKeyedOperand function in arm/lithium-codegen-arm.cc in Google V8 before 3.25.28.16, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a nega...

7.5CVSS7AI score0.03199EPSS

CVE•added 2015/04/19 10:59 a.m.•82 views

CVE-2015-1242

The ReduceTransitionElementsKind function in hydrogen-check-elimination.cc in Google V8 before 4.2.77.8, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that leverages "type conf...

7.5CVSS7.2AI score0.0203EPSS

CVE•added 2013/12/07 12:55 a.m.•79 views

CVE-2013-6639

The DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc) in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via JavaScript code that sets the...

7.5CVSS9.3AI score0.02842EPSS

CVE•added 2013/12/07 12:55 a.m.•75 views

CVE-2013-6640

The DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc) in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service (out-of-bounds read) via JavaScript code that sets a variable to the value of an array element wi...

7.5CVSS8.6AI score0.02718EPSS

CVE•added 2014/03/05 5:11 a.m.•74 views

CVE-2013-6668

Multiple unspecified vulnerabilities in Google V8 before 3.24.35.10, as used in Google Chrome before 33.0.1750.146, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

7.5CVSS9.3AI score0.08647EPSS

CVE•added 2015/04/19 10:59 a.m.•72 views

CVE-2015-3333

Multiple unspecified vulnerabilities in Google V8 before 4.2.77.14, as used in Google Chrome before 42.0.2311.90, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

7.5CVSS6.8AI score0.00241EPSS

CVE•added 2015/03/09 12:59 a.m.•67 views

CVE-2015-2238

Multiple unspecified vulnerabilities in Google V8 before 4.1.0.21, as used in Google Chrome before 41.0.2272.76, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

7.5CVSS7AI score0.00107EPSS

CVE•added 2015/05/20 10:59 a.m.•64 views

CVE-2015-3910

Multiple unspecified vulnerabilities in Google V8 before 4.3.61.21, as used in Google Chrome before 43.0.2357.65, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

7.5CVSS6.9AI score0.00257EPSS

CVE•added 2015/12/06 1:59 a.m.•64 views

CVE-2015-8478

Multiple unspecified vulnerabilities in Google V8 before 4.7.80.23, as used in Google Chrome before 47.0.2526.73, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

7.5CVSS9.5AI score0.00111EPSS

CVE•added 2012/11/07 11:43 a.m.•63 views

CVE-2012-5128

Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.64, does not properly perform write operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

7.5CVSS7.1AI score0.00887EPSS

CVE•added 2013/12/07 12:55 a.m.•63 views

CVE-2013-6638

Multiple buffer overflows in runtime.cc in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large typed array, related to the (1) Runtime_TypedArrayIniti...

7.5CVSS7.2AI score0.04074EPSS

CVE•added 2015/09/03 10:59 p.m.•59 views

CVE-2015-6580

Multiple unspecified vulnerabilities in Google V8 before 4.5.103.29, as used in Google Chrome before 45.0.2454.85, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

7.5CVSS7AI score0.00113EPSS

CVE•added 2014/10/08 10:55 a.m.•58 views

CVE-2014-7967

Multiple unspecified vulnerabilities in Google V8 before 3.28.71.15, as used in Google Chrome before 38.0.2125.101, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

7.5CVSS7AI score0.00111EPSS

CVE•added 2015/10/15 10:59 a.m.•58 views

CVE-2015-7834

Multiple unspecified vulnerabilities in Google V8 before 4.6.85.23, as used in Google Chrome before 46.0.2490.71, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

7.5CVSS9.4AI score0.00191EPSS

CVE•added 2012/11/07 11:43 a.m.•57 views

CVE-2012-5120

Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.64, on 64-bit Linux platforms allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds access to an array.

7.5CVSS9.4AI score0.0288EPSS

CVE•added 2015/07/09 10:59 a.m.•56 views

CVE-2015-5380

The Utf8DecoderBase::WriteUtf16Slow function in unicode-decoder.cc in Google V8, as used in Node.js before 0.12.6, io.js before 1.8.3 and 2.x before 2.3.3, and other products, does not verify that there is memory available for a UTF-16 surrogate pair, which allows remote attackers to cause a denial...

7.5CVSS9.4AI score0.00755EPSS

CVE•added 2015/01/22 10:59 p.m.•50 views

CVE-2015-1346

Multiple unspecified vulnerabilities in Google V8 before 3.30.33.15, as used in Google Chrome before 40.0.2214.91, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

7.5CVSS9.5AI score0.00313EPSS