EUVD-2024-46576

Malicious code in bioql PyPI...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows a hacker to gain access to read and write arbitrary files.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to type mixing errors. Exploiting this vulnerability can allow an attacker to gain read and write access to arbitrary files through a specially crafted HTML page...

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers allows attackers to execute arbitrary code or cause service interruptions.

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers is related to operations that go beyond buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause a service failure...

CVE-2024-5351

A vulnerability was found in anji-plus AJ-Report up to 1.4.1. It has been declared as critical. Affected by this vulnerability is the function getValueFromJs of the component Javascript Handler. The manipulation leads to deserialization. The attack can be launched remotely. The exploit has been...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created HTML page...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to type mixing errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers is related to improper validation of input data. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information by loading...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created HTML page...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to type mixing errors. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially crafted HTML page...

CVE-2024-5351

A vulnerability was found in anji-plus AJ-Report up to 1.4.1. It has been declared as critical. Affected by this vulnerability is the function getValueFromJs of the component Javascript Handler. The manipulation leads to deserialization. The attack can be launched remotely. The exploit has been...

CVE-2024-5351 anji-plus AJ-Report Javascript getValueFromJs deserialization

A vulnerability was found in anji-plus AJ-Report up to 1.4.1. It has been declared as critical. Affected by this vulnerability is the function getValueFromJs of the component Javascript Handler. The manipulation leads to deserialization. The attack can be launched remotely. The exploit has been...

CVE-2024-5351

CVE-2024-5351 affects anji-plus AJ-Report up to 1.4.1. The vulnerability is in the Javascript Handler’s getValueFromJs function, where a deserialization issue can be triggered. This allows a remote attacker to exploit the flaw, with public disclosure of the exploit, per the CVE description and re...

CVE-2024-5351 anji-plus AJ-Report Javascript getValueFromJs deserialization

A vulnerability was found in anji-plus AJ-Report up to 1.4.1. It has been declared as critical. Affected by this vulnerability is the function getValueFromJs of the component Javascript Handler. The manipulation leads to deserialization. The attack can be launched remotely. The exploit has been...

AJ-Report 安全漏洞

AJ-Report is a fully open source, drag-and-drop editing visual design tool from anji-plus open source. A security vulnerability exists in anji-plus AJ-Report 1.4.1 and earlier versions, which stems from a deserialization vulnerability in the function getValueFromJs of the component Javascript...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to type mixing errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to trigger a service failure or execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to access to resources through incompatible types. Exploiting this vulnerability can allow a malicious actor to cause service failures or execute arbitrary code using a specially crafted HTML page...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to trigger a service failure or execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to access to resources through incompatible types. Exploiting this vulnerability can allow a malicious actor to cause service failures or execute arbitrary code using a specially crafted HTML page...

PT-2023-16680 · Typora · Typora

Name of the Vulnerable Software and Affected Versions: Typora versions 1.5.5 and earlier Description: A critical issue was found in the WSH JScript Handler component, leading to code injection. The manipulation requires a local attack approach. The issue has been publicly disclosed and may be...

The vulnerability of the JavaScript script handler in PDF viewer software like Foxit PDF Reader lies in the use of memory after it is freed, allowing an attacker to execute arbitrary JavaScript code.

The vulnerability of the JavaScript script handler in PDF viewer software, such as Foxit PDF Reader, relates to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary JavaScript code remotely...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to access to resources through incompatible types. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...