EUVD-2023-28823

Malicious code in bioql PyPI...

CVE-2023-30470

A use-after-free related to unsound inference in the bytecode generation when optimizations are enabled for Hermes prior to commit da8990f737ebb9d9810633502f65ed462b819c09 could have been used by an attacker to achieve remote code execution. Note that this is only exploitable in cases where Herme...

The vulnerability of the JavaScript engine Hermes JS is related to buffer overflow, allowing attackers to execute arbitrary code.

The vulnerability of the Hermes JS engine is related to buffer overflow. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Hermes JS JavaScript engine, related to the execution of operations outside the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of the Hermes JS engine is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Hermes JS JavaScript engine, related to the lack of data type conversion mechanisms, allows attackers to execute arbitrary code.

The vulnerability of the Hermes JS engine is related to the lack of a mechanism for type conversion. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code...

GHSA-GMPM-XP43-F7G6 Signed to Unsigned Conversion Error in Facebook Hermes

An Integer signedness error in the JavaScript Interpreter in Facebook Hermes prior to commit 2c7af7ec481ceffd0d14ce2d7c045e475fd71dc6 allows attackers to cause a denial of service attack or a potential RCE via crafted JavaScript. Note that this is only exploitable if the application using Hermes...