EUVD-2022-29788

Malicious code in bioql PyPI...

CVE-2022-25044

Espruino 2v11.251 was discovered to contain a stack buffer overflow via src/jsvar.c in jsvNewFromString...

Stack overflow

Espruino 2v11.251 was discovered to contain a stack buffer overflow via src/jsvar.c in jsvNewFromString...

CVE-2021-46324

Espruino 2v11.251 was discovered to contain a stack buffer overflow via src/jsvar.c in jsvNewFromString...

CVE-2021-46323

Espruino 2v11.251 was discovered to contain a SEGV vulnerability via src/jsinteractive.c in jsiGetDeviceFromClass...

CVE-2021-46323

Espruino 2v11.251 was discovered to contain a SEGV vulnerability via src/jsinteractive.c in jsiGetDeviceFromClass...

CVE-2021-46324

Espruino 2v11.251 was discovered to contain a stack buffer overflow via src/jsvar.c in jsvNewFromString...

CVE-2021-46323

Espruino 2v11.251 was discovered to contain a SEGV vulnerability via src/jsinteractive.c in jsiGetDeviceFromClass...

CVE-2021-46323

CVE-2021-46323 affects Espruino 2v11.251, with a SEGV (segmentation fault) vulnerability in src/jsinteractive.c, function jsiGetDeviceFromClass. The CVSS data show: AV:N/AC:M/Au:N/C:N/I:N/A:P (CVSS2, base 4.3) and AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H (CVSS3, base 5.5). Exploitation details are not...

Espruino 缓冲区错误漏洞

Espruino is a JavaScript interpreter. It is designed for devices with only 128kB of flash memory and 8kB of RAM. A buffer error vulnerability exists in Espruino, which stems from the failure of jsvNewFromString in the product src/jsvar.c file to properly handle memory boundaries. The following...