CVE-2025-46067

An issue in Automai Director v.25.2.0 allows a remote attacker to escalate privileges and obtain sensitive information via a crafted js file...

CVE-2025-46067

An issue in Automai Director v.25.2.0 allows a remote attacker to escalate privileges and obtain sensitive information via a crafted js file...

Automai Director 安全漏洞

Automai Director is a centralized automation management console from Automai Corporation. A security vulnerability exists in Automai Director version 25.2.0, which can be exploited by a remote attacker to elevate privileges and gain access to sensitive information via a specially crafted js file...

CVE-2025-46067

CVE-2025-46067 affects Automai Director v25.2.0. The issue allows a remote attacker to escalate privileges and access sensitive information via a specially crafted JavaScript file. Evidence from multiple sources confirms the affected product/version and the nature of the impact, described as priv...

PT-2026-2274

Name of the Vulnerable Software and Affected Versions Automai Director version 25.2.0 Description An issue in Automai Director version 25.2.0 allows a remote attacker to escalate privileges and obtain sensitive information through a crafted js file. Recommendations At the moment, there is no...

CVE-2025-46067

An issue in Automai Director v.25.2.0 allows a remote attacker to escalate privileges and obtain sensitive information via a crafted js file...

EUVD-2026-1929

An issue in Automai Director v.25.2.0 allows a remote attacker to escalate privileges and obtain sensitive information via a crafted js file...

Linux Distros Unpatched Vulnerability : CVE-2016-9642

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JavaScriptCore in WebKit allows attackers to cause a denial of service out-of-bounds heap read via a crafted Javascript file. CVE-2016-9642 Note that Nessus...

CVE-2021-36535

Buffer Overflow vulnerability in Cesanta mJS 1.26 allows remote attackers to cause a denial of service via crafted .js file to mjsseterrorf...

CVE-2023-30188

Memory Exhaustion vulnerability in ONLYOFFICE Document Server 4.0.3 through 7.3.2 allows remote attackers to cause a denial of service via crafted JavaScript file...

CVE-2023-30186

A use after free issue discovered in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file...

Improper access control

An out of bounds memory access vulnerability in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file...

PT-2023-4393 · Onlyoffice · Onlyoffice Document Server

Name of the Vulnerable Software and Affected Versions: ONLYOFFICE DocumentServer versions 4.0.3 through 7.3.2 Description: An out of bounds memory access issue in the JavaScript File Handler component allows remote attackers to execute arbitrary code via a crafted JavaScript file. This can be...

CVE-2023-30188

Memory Exhaustion vulnerability in ONLYOFFICE Document Server 4.0.3 through 7.3.2 allows remote attackers to cause a denial of service via crafted JavaScript file...

SUSE CVE-2009-2664

The jswatchset function in js/src/jsdbgapi.cpp in the JavaScript engine in Mozilla Firefox before 3.0.12 allows remote attackers to cause a denial of service assertion failure and application exit or possibly execute arbitrary code via a crafted .js file, related to a "memory safety bug." NOTE:...

CVE-2021-36535

Buffer Overflow vulnerability in Cesanta mJS 1.26 allows remote attackers to cause a denial of service via crafted .js file to mjsseterrorf...

Remote Code Execution (RCE)

mujs is vulnerable to remote code execution. The vulnerability exists due to the logical issue in the OgetOwnPropertyDescriptor function, allowing an attacker to inject and execute malicious code through memory corruption via the loading of a crafted javascript file...

CVE-2022-44789

A logical issue in OgetOwnPropertyDescriptor in Artifex MuJS 1.0.0 through 1.3.x before 1.3.2 allows an attacker to achieve Remote Code Execution through memory corruption, via the loading of a crafted JavaScript file...

CVE-2022-44789

A logical issue in OgetOwnPropertyDescriptor in Artifex MuJS 1.0.0 through 1.3.x before 1.3.2 allows an attacker to achieve Remote Code Execution through memory corruption, via the loading of a crafted JavaScript file...

Artifex Software MuJS Integer Overflow Vulnerability (CNVD-2017-01667)

Artifex Software MuJS is a lightweight JavaScript interpreter from Artifex Software, USA, which is used to embed into other software to provide script execution capabilities. Artifex Software MuJS 8f62ea10a0af68e56d5c00720523ebcba13c2e6a A security vulnerability exists in previous versions of...