Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
v8 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-31314
File upload vulnerability in ejinshan v8+ terminal security system allows malicious users to upload arbitrary files to arbitrary locations on the server.
Ejinshan Terminal Security System 8.0
9.8
CVSSv3
CVE-2023-39747
TP-Link WR841N V8, TP-Link TL-WR940N V2, and TL-WR941ND V5 were discovered to contain a buffer overflow via the radiusSecret parameter at /userRpm/WlanSecurityRpm.
Tp-link Tl-wr940n V2 Firmware -
Tp-link Tl-wr941nd V5 Firmware -
Tp-link Tl-wr841n V8 Firmware -
9.8
CVSSv3
CVE-2023-28445
Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Resizable ArrayBuffers passed to asynchronous functions that are shrunk during the asynchronous operation could result in an out-of-bound read/write. It is unlikely that this has been exploited in ...
Deno Serde V8 0.87.0
Deno Deno Runtime 0.102.0
Deno Deno 1.32.0
9.8
CVSSv3
CVE-2022-39266
isolated-vm is a library for nodejs which gives the user access to v8's Isolate interface. In versions 4.3.6 and prior, if the untrusted v8 cached data is passed to the API through CachedDataOptions, attackers can bypass the sandbox and run arbitrary code in the nodejs proce...
Isolated-vm Project Isolated-vm
9.8
CVSSv3
CVE-2022-36536
An issue in the component post_applogin.php of Super Flexible Software GmbH & Co. KG Syncovery 9 for Linux v9.47x and below allows malicious users to escalate privileges via creating crafted session tokens.
Syncovery Syncovery
1 Metasploit module
9.8
CVSSv3
CVE-2022-21122
The package metacalc prior to 0.0.2 are vulnerable to Arbitrary Code Execution when it exposes JavaScript's Math class to the v8 context. As the Math class is exposed to user-land, it can be used to get access to JavaScript's Function constructor.
Metarhia Metacalc
9.8
CVSSv3
CVE-2021-32619
Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. In Deno versions 1.5.0 to 1.10.1, modules that are dynamically imported through `import()` or `new Worker` might have been able to bypass network and file system permission checks when statically i...
Deno Deno
9.8
CVSSv3
CVE-2020-26535
An issue exists in Foxit Reader and PhantomPDF prior to 10.1. If TslAlloc attempts to allocate thread local storage but obtains an unacceptable index value, V8 throws an exception that leads to a write access violation (and read access violation).
Foxitsoftware Foxit Reader
Foxitsoftware Phantompdf
9.8
CVSSv3
CVE-2020-12047
The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24), when used with a Baxter Spectrum v8.x (model 35700BAX2) in a factory-default wireless configuration enables an FTP service with hard-coded credentials.
Baxter Sigma Spectrum Infusion System Firmware 8.0
9.8
CVSSv3
CVE-2020-12045
The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24) when used in conjunction with a Baxter Spectrum v8.x (model 35700BAX2), operates a Telnet service on Port 1023 with hard-coded credentials.
Baxter Sigma Spectrum Infusion System Firmware 8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »