7 matches found
CVE-2024-21524
All versions of the package node-stringbuilder are vulnerable to Out-of-bounds Read due to incorrect memory length calculation, by calling ToBuffer, ToString, or CharAt on a StringBuilder object with a non-empty string value input. It's possible to return previously allocated memory, for example,...
CVE-2024-21524
All versions of the package node-stringbuilder are vulnerable to Out-of-bounds Read due to incorrect memory length calculation, by calling ToBuffer, ToString, or CharAt on a StringBuilder object with a non-empty string value input. It's possible to return previously allocated memory, for example,...
PT-2024-18938 · Npm · Node-Stringbuilder
Name of the Vulnerable Software and Affected Versions: node-stringbuilder versions all Description: The issue arises from incorrect memory length calculation in the node-stringbuilder package, leading to an Out-of-bounds Read. This occurs when methods such as ToBuffer, ToString, or CharAt are...
PT-2024-40768 · Oracle · Java.Base
Name of the Vulnerable Software and Affected Versions: com.github.javaparser affected versions not specified Description: The issue is related to a security exception. Technical details about the crash include the insertComments function in com.github.javaparser.CommentsInserter, as well as the...
SUSE CVE-2013-1708
Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allow remote attackers to cause a denial of service application crash via a crafted WAV file that is not properly handled by the nsCString::CharAt function...
Code injection
Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allow remote attackers to cause a denial of service application crash via a crafted WAV file that is not properly handled by the nsCString::CharAt function...
CVE-2013-1708
Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allow remote attackers to cause a denial of service application crash via a crafted WAV file that is not properly handled by the nsCString::CharAt function...