42 matches found
CVE-2025-53890
pyload is an open-source Download Manager written in pure Python. An unsafe JavaScript evaluation vulnerability in pyLoad’s CAPTCHA processing code allows unauthenticated remote attackers to execute arbitrary code in the client browser and potentially the backend server. Exploitation requires no...
CVE-2025-53890 pyLoad vulnerable to remote code execution through js2py onCaptchaResult
pyload is an open-source Download Manager written in pure Python. An unsafe JavaScript evaluation vulnerability in pyLoad’s CAPTCHA processing code allows unauthenticated remote attackers to execute arbitrary code in the client browser and potentially the backend server. Exploitation requires no...
CVE-2025-53890
pyload-ng/pyload contains an unsafe JavaScript evaluation vulnerability in the CAPTCHA processing code that allows unauthenticated remote attackers to execute arbitrary code in the client browser and potentially the backend server. Exploitation does not require user interaction, and can lead to s...
pyLoad code injection vulnerability
pyLoad is a free and open source download manager written in Python by pyLoad Open Source. A code injection vulnerability exists in pyLoad that stems from an insecure JavaScript evaluation that could lead to remote code execution...
OSV-2025-541 Heap-buffer-overflow in js_create_function
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=430091578 Crash type: Heap-buffer-overflow READ 2 Crash state: js_create_function JS_EvalInternal JS_EvalObject...
CVE-2022-32234
An out of bounds write in hermes, while handling large arrays, prior to commit 06eaec767e376bfdb883d912cb15e987ddf2bda1 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted...
CVE-2021-24037
A use after free in hermes, while emitting certain error messages, prior to commit d86e185e485b6330216dee8e854455c694e3a36e allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of...
CVE-2021-24045
A type confusion vulnerability could be triggered when resolving the "typeof" unary operator in Facebook Hermes prior to v0.10.0. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected...
PT-2025-21905 · Git +1 · Quickjs
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Affected versions not specified. Description: The software suffers from a heap-buffer-overflow read issue. The crash occurs during JS_CallInternal, JS_EvalFunctionInternal, and JS_EvalInternal function...
Cross-site Scripting (XSS)
Vega is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to unsafe evaluation of JavaScript code due to the lack of an expression interpreter when processing Vega/Vega-lite JSON definitions...
CVE-2024-56358 Cross-site Scripting vulnerability through svg attachment previews in grist-core
grist-core is a spreadsheet hosting server. A user visiting a malicious document and previewing an attachment could have their account compromised, because JavaScript in an SVG file would be evaluated in the context of their current page. This issue has been patched in version 1.3.2. Users are...
CVE-2024-56358
CVE-2024-56358 affects Grist Core prior to 1.3.2. The vulnerability is a cross-site scripting (XSS) condition where JavaScript embedded in an SVG in a malicious document is executed in the user’s page context when the attachment is previewed, potentially compromising the user’s account. Affected component: grist-core ser...
URL Spoofing
firefox:edge is vulnerable to URL spoofing. When a JavaScript URL (javascript:) is evaluated and the result is a string, this string is parsed to create an HTML document, which is then presented. Previously, this document's URL (as reported by the document.location property, for example) was the...
Processing untrusted theming resources might execute arbitrary code (ACE)
Impact: When processing theming resources (i.e. .less files) with less-openui5 that originate from an untrusted source, those resources might contain JavaScript code which will be executed in the context of the build process. While this is a feature of the Less.js library, it is an unexpected behavi...
Design/Logic Flaw
An out-of-bounds read/write vulnerability when executing lazily compiled inner generator functions in Facebook Hermes prior to commit 091835377369c8fd5917d9b87acffa721ad2a168 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the...
Cross-Site Scripting (XSS)
rack-mini-profiler is vulnerable to cross-site scripting (XSS). The vulnerability exists through the value of the query in timerstruct/sql.rb where a prepared SQL query can be evaluated and rendered as JavaScript...
CVE-2019-15954
An issue was discovered in Total.js CMS 12.0.0. An authenticated user with the widgets privilege can achieve Remote Command Execution (RCE) on the remote server by creating a malicious widget with a special tag containing JavaScript code that will be evaluated server side. In the process of...
math.js remote code execution vulnerability
This article explains in short how we found, exploited and reported a remote code execution (RCE) vulnerability. It is meant to be a guide to finding vulnerabilities, as well as reporting them in a responsible manner. Step one: discovery. While playing around with a wrapper of the math.js API...