CVE-2025-47154

CRITICAL Year: 2025
CVSS v3 Score
9.0
Critical
Weakness Type
CWE-820
View all →

Vulnerability Description

LibJS in Ladybird before f5a6704 mishandles the freeing of the vector that arguments_list references, leading to a use-after-free, and allowing remote attackers to execute arbitrary code via a crafted .js file. NOTE: the GitHub README says "Ladybird is in a pre-alpha state, and only suitable for use by developers."

Related Vulnerabilities

CVE-2024-49114

HIGH
CVSS:7.8(High)

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

CWE-8202024

CVE-2025-1445

HIGH
CVSS:7.5(High)

A vulnerability exists in RTU IEC 61850 client and server functionality that could impact the availability if renegotiation of an open IEC61850 TLS connection takes place in specific timing situations...

CWE-8202025

CVE-2024-49114

HIGH
CVSS:7.8(High)

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

CWE-8202024

CVE-2025-1445

HIGH
CVSS:7.5(High)

A vulnerability exists in RTU IEC 61850 client and server functionality that could impact the availability if renegotiation of an open IEC61850 TLS connection takes place in specific timing situations...

CWE-8202025

CVE-2024-30387

HIGH
CVSS:6.5(Medium)

A Missing Synchronization vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on ACX5448 and ACX710 allows an unauthenticated, adjacent attacker to cause a Denial-of-Servi...

CWE-8202024

CVE-2023-45084

MEDIUM
CVSS:6.1(Medium)

An issue exists in SoftIron HyperCloud where drive caddy removal and reinsertion without a reboot may erroneously cause the system to recognize the caddy as new media and wipe all data on the drives d...

CWE-8202023