5843 matches found
CVE-2022-35289
A write-what-where condition in hermes caused by an integer overflow, prior to commit 5b6255ae049fa4641791e47fad994e8e8c4da374 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of...
CVE-2022-40138
An integer conversion error in Hermes bytecode generation, prior to commit 6aa825e480d48127b480b08d13adf70033237097, could have been used to perform Out-Of-Bounds operations and subsequently execute arbitrary code. Note that this is only exploitable in cases where Hermes is used to execute...
CVE-2022-40138
An integer conversion error in Hermes bytecode generation, prior to commit 6aa825e480d48127b480b08d13adf70033237097, could have been used to perform Out-Of-Bounds operations and subsequently execute arbitrary code. Note that this is only exploitable in cases where Hermes is used to execute...
Design/Logic Flaw
An integer conversion error in Hermes bytecode generation, prior to commit 6aa825e480d48127b480b08d13adf70033237097, could have been used to perform Out-Of-Bounds operations and subsequently execute arbitrary code. Note that this is only exploitable in cases where Hermes is used to execute...
Integer overflow
A write-what-where condition in hermes caused by an integer overflow, prior to commit 5b6255ae049fa4641791e47fad994e8e8c4da374 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of...
CVE-2022-32234
An out of bounds write in hermes, while handling large arrays, prior to commit 06eaec767e376bfdb883d912cb15e987ddf2bda1 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted...
CVE-2022-32234
An out of bounds write in hermes, while handling large arrays, prior to commit 06eaec767e376bfdb883d912cb15e987ddf2bda1 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted...
Design/Logic Flaw
An out of bounds write in hermes, while handling large arrays, prior to commit 06eaec767e376bfdb883d912cb15e987ddf2bda1 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted...
Facebook Hermes 缓冲区错误漏洞
Facebook Hermes is a JavaScript engine from Facebook Inc. in the United States. The engine is targeted at React Native applications to improve the performance of mobile client application apps, but is not applicable to server-side infrastructures such as browsers & Node.js. Facebook Hermes suffer...
Facebook Hermes 输入验证错误漏洞
Facebook Hermes is a JavaScript engine from Facebook Inc. in the United States. The engine is targeted at React Native applications to improve the performance of mobile client application apps, but not for server-side infrastructures such as browsers & Node.js. An input validation error...
Facebook Hermes 安全漏洞
Facebook Hermes is a JavaScript engine from Facebook Inc. in the United States. The engine is targeted at React Native applications to improve the performance of mobile client application apps, but not for server-side infrastructures such as browsers & Node.js. A security vulnerability exists in...
CVE-2022-35289
A write-what-where condition in hermes caused by an integer overflow, prior to commit 5b6255ae049fa4641791e47fad994e8e8c4da374 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of...
CVE-2022-32234
An out of bounds write in hermes, while handling large arrays, prior to commit 06eaec767e376bfdb883d912cb15e987ddf2bda1 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted...
CVE-2022-40138
An integer conversion error in Hermes bytecode generation, prior to commit 6aa825e480d48127b480b08d13adf70033237097, could have been used to perform Out-Of-Bounds operations and subsequently execute arbitrary code. Note that this is only exploitable in cases where Hermes is used to execute...
[SECURITY] Fedora 36 Update: nheko-0.10.2-1.fc36
The motivation behind the project is to provide a native desktop app for Matrix that feels more like a mainstream chat app...
Facebook Hermes 安全漏洞
Facebook Hermes is a JavaScript engine from Facebook Inc. in the United States. The engine is targeted at React Native applications to improve the performance of mobile client application apps, but not for server-side infrastructures such as browsers & Node.js. A security vulnerability exists in...
PT-2022-5134 · D-Bus +10 · D-Bus +10
Name of the Vulnerable Software and Affected Versions: D-Bus versions 1.12.24 and earlier, 1.13.x, 1.14.x before 1.14.4, and 1.15.x before 1.15.2 Description: An issue was discovered in D-Bus that allows an authenticated attacker to cause dbus-daemon and other programs that use libdbus to crash b...
This Week in Spring - October 4th, 2022
Hi, Spring fans! Welcome to another installment of This Week in Spring! Its October 4th, 2022, and Im in Austin, TX, for the new version of show formerly known as the Kafka Summit, here to talk to folks about the amazing opportunities for Spring Boot and Apache Kafka. On the 12th, Ill be in...
react-native-reanimated vulnerable to ReDoS
The package react-native-reanimated before 2.10.0 is vulnerable to Regular Expression Denial of Service ReDoS due to improper usage of regular expression in the parser of Colors.js...
@armiasystems/react-native-armia-chat-sdk (>=1.0.0 <=1.0.9), @ats-components/circular-manager (>=1.0.4 <=1.0.11) +409 more potentially affected by CVE-2022-24373 via react-native-reanimated (>=1.0.0-alpha.3 <=2.0.1)
react-native-reanimated NPM version =1.0.0-alpha.3, =1.0.0, =1.0.4, =1.0.3, =0.1.0, =5.2.0, =0.0.1-alpha.22, =3.1.5, =0.1.1, =1.0.0, =2.31.0, =1.0.2, =0.1.9, =0.6.33 and more Source cves: CVE-2022-24373 Source advisory: OSV:GHSA-2J79-8PQC-R7X6...