Cesanta MJS stack overflow vulnerability (CNVD-2021-38645)

Cesanta MJS is an embedded JavaScript engine for C/C++, designed for resource-constrained microcontrollers. A stack overflow vulnerability exists in parseblock in Cesanta MJS version 1.20.1. An attacker can exploit this vulnerability via specially crafted files to cause a denial of service...

Cesanta MJS stack overflow vulnerability (CNVD-2021-38652)

Cesanta MJS is an embedded JavaScript engine for C/C++, designed for microcontrollers with limited resources. A stack overflow vulnerability exists in parsecomparison in Cesanta MJS version 1.20.1. An attacker can exploit this vulnerability via specially crafted files to cause a denial of service...

Cesanta MJS stack overflow vulnerability (CNVD-2021-38651)

Cesanta MJS is an embedded JavaScript engine for C/C++, designed for microcontrollers with limited resources. A stack overflow vulnerability exists in parseshifts in Cesanta MJS version 1.20.1. An attacker can exploit this vulnerability via specially crafted files to cause a denial of service...

Cesanta MJS 缓冲区错误漏洞

Cesanta MJS is an embedded JavaScript engine for C/C++, designed for microcontrollers with limited resources. A stack overflow vulnerability exists in parsevalue in Cesanta MJS version 1.20.1. An attacker can exploit this vulnerability via specially crafted files to cause a denial of service...

CVE-2021-21635

Jenkins REST List Parameter Plugin 1.3.0 and earlier does not escape a parameter name reference in embedded JavaScript, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...

CVE-2019-4388

HCL AppScan Source 9.0.3.13 and earlier is susceptible to cross-site scripting XSS attacks by allowing users to embed arbitrary JavaScript code in the Web UI...

PT-2019-9566 · Ibm · Ibm Rational Collaborative Lifecycle Management

Name of the Vulnerable Software and Affected Versions: IBM Rational Collaborative Lifecycle Management versions 6.0 through 6.0.6.1 Description: This issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials...

CVE-2018-4902

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the rendering engine. The vulnerability is triggered by a crafted P...

DEBIAN-CVE-2017-1000188

nodejs ejs version older than 2.5.5 is vulnerable to a Cross-site-scripting in the ejs.renderFile resulting in code injection...

Palo Alto Traps Server Persistent Cross-Site Scripting Vulnerability

Palo Alto Traps is an advanced endpoint protection package that detects attacks like memory corruption and DLL hijacking. A cross-site scripting vulnerability exists in Palo Alto Traps when handling SOAP requests with embedded JavaScript, which can be exploited by an attacker to execute arbitrary...

Microsoft Office code execution

It's possible to embed javasript code into document...

Malicious Website - Embedded Javascript Detection

Binary data 4487.prm...

GoAhead Web Server 2.1 - Arbitrary Command Execution

source: https://www.securityfocus.com/bid/5464/info GoAhead WebServer is an Open Source embedded web server which supports Active Server Pages, embedded javascript, and SSL authentication and encryption. It is available for a variety of platforms including Microsoft Windows and Linux variant...