CVE-2021-33444

An issue was discovered in mjs mJS: Restricted JavaScript engine, ES6 JavaScript version 6. There is NULL pointer dereference in getpropbuiltinforeign in mjs.c...

CVE-2024-33444

SQL injection vulnerability in onethink v.1.1 allows a remote attacker to escalate privileges via a crafted script to the ModelModel.class.php component...

CVE-2024-33444

SQL injection vulnerability in onethink v.1.1 allows a remote attacker to escalate privileges via a crafted script to the ModelModel.class.php component...

CVE-2021-33444

CVE-2021-33444 affects the embedded JavaScript engine Cesanta MJS (mJS). The issue is a NULL pointer dereference in the function getprop_builtin_foreign() inside mjs.c, which could lead to a crash or instability in affected builds. The CVE entry, sourced from multiple vendors and databases, consi...

OSV-2021-664 Heap-use-after-free in module_check_cast

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33444 Crash type: Heap-use-after-free READ 4 Crash state: modulecheckcast serverconnectunref serverunref...

XChat PySys_SetArgv函数命令执行漏洞

BUGTRAQ ID: 33444 CVECAN ID: CVE-2009-0315 X-Chat是一款免费开放源代码的IRC客户端。 xchat的Python模块中使用了不可信任的搜索路径，本地用户可以在当前工作目录中放置恶意的Python文件并利用PySysSetArgv函数调用中的安全漏洞（CVE-2008-5983）执行任意代码。 X-Chat X-Chat 2.8.7b X-Chat X-Chat 2.8.6 厂商补丁： X-Chat ------ 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本：...