Lucene search
K

667 matches found

CVE
CVE
added 2018/05/24 8:0 p.m.52 views

CVE-2018-11419

CVE-2018-11419 affects JerryScript 1.0, with a heap-based buffer over-read in lit_read_code_unit_from_hex triggered by a RegExp("[\u0") payload and related to re_parse_char_class in parser/regexp/re-parser.c. The vulnerability details are documented across multiple sources in the connected set an...

9.8CVSS9.3AI score0.01583EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2018/05/24 8:0 p.m.55 views

CVE-2018-11418

CVE-2018-11418 affects JerryScript 1.0. There is a heap-based buffer over-read in the function lit_read_code_unit_from_utf8, triggered by a RegExp("[\u0020") payload and related to re_parse_char_class in parser/regexp/re-parser.c. The issue is described across multiple sources as a vulnerability ...

9.8CVSS9.3AI score0.01583EPSS
Exploits1References1Affected Software1
Debian CVE
Debian CVE
added 2018/05/24 8:0 p.m.20 views

CVE-2018-11419

Removed by vendor...

9.8CVSS9.4AI score0.01583EPSS
Exploits1
Debian CVE
Debian CVE
added 2018/05/24 8:0 p.m.28 views

CVE-2018-11418

Removed by vendor...

9.8CVSS9.4AI score0.01583EPSS
Exploits1
OSV
OSV
added 2018/04/25 12:14 p.m.10 views

SUSE-SU-2018:1074-1 Security update for perl

This update for perl fixes the following issues: Security issues fixed: - CVE-2018-6913: Fixed space calculation issues in pppack.c bsc1082216. - CVE-2018-6798: Fixed heap buffer overflow in regexec.c bsc1082233. - CVE-2018-6797: Fixed sharp-s regexp overflow bsc1082234...

9.8CVSS7.9AI score0.10866EPSS
Exploits0References7
0day.today
0day.today
added 2018/04/03 12:0 a.m.33 views

Google Chrome V8 - Genesis::InitializeGlobal Out-of-Bounds Read/Write Exploit

Exploit for multiple platform in category dos / poc / Bug: The Genesis::InitializeGlobal method initializes the constructor of RegExp as follows: // Builtin functions for RegExp.prototype. Handle regexpfun = InstallFunction global, "RegExp", JSREGEXPTYPE, JSRegExp::kSize +...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2018/04/03 12:0 a.m.54 views

Chrome V8 Genesis::InitializeGlobal Bugs

Chrome: V8: Bugs in Genesis::InitializeGlobal Bug: The Genesis::InitializeGlobal method initializes the constructor of RegExp as follows: // Builtin functions for RegExp.prototype. Handle regexpfun = InstallFunction global, "RegExp", JSREGEXPTYPE, JSRegExp::kSize + JSRegExp::kInObjectFieldCount...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2018/04/03 12:0 a.m.28 views

Google Chrome V8 - Genesis::InitializeGlobal Out-of-Bounds ReadWrite

Google Chrome V8 - Genesis::InitializeGlobal Out-of-Bounds ReadWrite / Bug: The Genesis::InitializeGlobal method initializes the constructor of RegExp as follows: // Builtin functions for RegExp.prototype. Handle regexpfun = InstallFunction global, "RegExp", JSREGEXPTYPE, JSRegExp::kSize +...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/03 12:0 a.m.42 views

Google Chrome V8 - 'Genesis::InitializeGlobal' Out-of-Bounds Read/Write

/ Bug: The Genesis::InitializeGlobal method initializes the constructor of RegExp as follows: // Builtin functions for RegExp.prototype. Handle regexpfun = InstallFunction global, "RegExp", JSREGEXPTYPE, JSRegExp::kSize + JSRegExp::kInObjectFieldCount kPointerSize, JSRegExp::kInObjectFieldCount,...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/03/20 12:0 a.m.71 views

Internet Explorer - RegExp.lastMatch Memory Disclosure Exploit

Exploit for windows platform in category dos / poc / There is a vulnerability in Internet Explorer that could potentially be used for memory disclosure. This was tested on IE11 running on Window 7 64-bit with the latest patches applied. PoC: ========================================= / function ma...

6.2AI score0.14736EPSS
Exploits2
exploitpack
exploitpack
added 2018/03/20 12:0 a.m.14 views

Internet Explorer - RegExp.lastMatch Memory Disclosure

Internet Explorer - RegExp.lastMatch Memory Disclosure / There is a vulnerability in Internet Explorer that could potentially be used for memory disclosure. This was tested on IE11 running on Window 7 64-bit with the latest patches applied. PoC: ========================================= / functio...

Exploits0
Exploit DB
Exploit DB
added 2018/03/20 12:0 a.m.28 views

Internet Explorer - 'RegExp.lastMatch' Memory Disclosure

/ There is a vulnerability in Internet Explorer that could potentially be used for memory disclosure. This was tested on IE11 running on Window 7 64-bit with the latest patches applied. PoC: ========================================= / function main RegExp.input = toString: f; alertRegExp.lastMatc...

7.4AI score
Exploits0
Prion
Prion
added 2018/03/01 10:29 p.m.17 views

Heap overflow

An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the litreadcodeunitfromhex function in lit/lit-char-helpers.c via a RegExp"\x0"; payload...

7.5CVSS9.4AI score0.01879EPSS
Exploits0References1Affected Software1
UbuntuCve
UbuntuCve
added 2018/03/01 10:29 p.m.26 views

CVE-2017-18212

An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the litreadcodeunitfromhex function in lit/lit-char-helpers.c via a RegExp"\x0"; payload...

9.8CVSS7.2AI score0.01879EPSS
Exploits0References2
NVD
NVD
added 2018/03/01 10:29 p.m.24 views

CVE-2017-18212

An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the litreadcodeunitfromhex function in lit/lit-char-helpers.c via a RegExp"\x0"; payload...

9.8CVSS9.6AI score0.01879EPSS
Exploits0References1
OSV
OSV
added 2018/03/01 10:29 p.m.22 views

CVE-2017-18212

An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the litreadcodeunitfromhex function in lit/lit-char-helpers.c via a RegExp"\x0"; payload...

9.8CVSS9.7AI score
Exploits0References1
Cvelist
Cvelist
added 2018/03/01 9:0 p.m.25 views

CVE-2017-18212

An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the litreadcodeunitfromhex function in lit/lit-char-helpers.c via a RegExp"\x0"; payload...

9.6AI score0.01879EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2018/03/01 9:0 p.m.19 views

CVE-2017-18212

Removed by vendor...

9.8CVSS9.5AI score0.01879EPSS
Exploits0
seebug.org
seebug.org
added 2018/03/01 12:0 a.m.35 views

Microsoft Edge: Chakra: JIT: CallRegExSymbolFunction doesn't check the return type

The "CallRegExSymbolFunction" method is used to call symbol functions in regexp objects. But it doesn't check the return value's type. Since the user can define the symbol functions, it can break the JIT compiler's type assumptions. Tested Microsoft Edge 41.16299.15.0 with Experimental JavaScript...

6.8AI score
Exploits0
seebug.org
seebug.org
added 2017/07/13 12:0 a.m.28 views

Google Chrome: OOB access in RegExp Stubs

There is an out-of-bounds access in RegExp.prototype.exec and RegExp.prototype.test. The code defined in BranchIfFastRegExp checks whether a regular expression object has the default map, however, it is possible to alter the map after this check has been performed. This can cause inline fields,...

7AI score
Exploits0
Rows per page
Query Builder