7 matches found
Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer
Cybersecurity researchers have flagged a fresh software supply chain attack campaign that has targeted multiple PHP packages belonging to Laravel-Lang to deliver a comprehensive credential-stealing framework. The affected packages include - laravel-lang/lang laravel-lang/http-statuses...
JerryScript Code Issues Vulnerabilities
JerryScript is a lightweight JavaScript engine from the JerryScript project. A security vulnerability in JerryScript version 2.3.0 allows a local attacker to cause a denial of service (DoS) via ecma-helpers.c. The vulnerability is caused by the use...
UBUNTU-CVE-2023-30406
Jerryscript commit 1a2c047 was discovered to contain a segmentation violation via the component ecma_find_named_property at /base/ecma-helpers.c...
PT-2023-22677 · Unknown · Jerryscript
Name of the Vulnerable Software and Affected Versions: Jerryscript version 1a2c047 Description: A segmentation violation was discovered in Jerryscript via the component ecma_find_named_property at /base/ecma-helpers.c. Recommendations: For Jerryscript version 1a2c047, consider avoiding the use of...
PT-2022-27331 · Binbloom · Binbloom
Name of the Vulnerable Software and Affected Versions: Binbloom version 2.0 Description: A heap buffer overflow was discovered in Binbloom via the read_pointer function at /binbloom-master/src/helpers.c. This issue may be exploited, but details about the estimated number of potentially affected...
Binbloom Buffer Error Vulnerability
Binbloom is an open source tool from Quarkslab. It is used to analyze raw binary firmware and automatically determine some of its characteristics. A security vulnerability exists in Binbloom version 2.0, which originates from a heap buffer overflow contained in the read_pointer function via...
PYSEC-2018-54
helpers.py in Flask-Admin 1.5.2 has Reflected XSS via a crafted URL...