CVE-2020-1915
An out-of-bounds read in the JavaScript Interpreter in Facebook Hermes prior to commit 8cb935cd3b2321c46aa6b7ed8454d95c75a7fca0 allows attackers to cause a denial of service attack or possible further memory corruption via crafted JavaScript. Note that this is only exploitable if the application...
CVE-2020-1914
A logic vulnerability when handling the SaveGeneratorLong instruction in Facebook Hermes prior to commit b2021df620824627f5a8c96615edbd1eb7fdddfc allows attackers to potentially read out of bounds or theoretically execute arbitrary code via crafted JavaScript. Note that this is only exploitable i...
CVE-2020-1913
An Integer signedness error in the JavaScript Interpreter in Facebook Hermes prior to commit 2c7af7ec481ceffd0d14ce2d7c045e475fd71dc6 allows attackers to cause a denial of service attack or a potential RCE via crafted JavaScript. Note that this is only exploitable if the application using Hermes...
Integer overflow
An Integer signedness error in the JavaScript Interpreter in Facebook Hermes prior to commit 2c7af7ec481ceffd0d14ce2d7c045e475fd71dc6 allows attackers to cause a denial of service attack or a potential RCE via crafted JavaScript. Note that this is only exploitable if the application using Hermes...
Authorization Bypass
Firefox is vulnerable to authorization bypass. The vulnerability exists as an attacker could use these flaws to create a malicious web page that could bypass the same-origin policy, or possibly run untrusted JavaScript...
CVE-2017-10078
It was discovered that the Nashorn JavaScript engine in the Scripting component of OpenJDK could allow scripts to access Java APIs even when access to Java APIs was disabled. An untrusted JavaScript executed by Nashorn could use this flaw to bypass intended restrictions...
MathJax Cross-Site Scripting Vulnerability
MathJax is an open source JavaScript display engine. A cross-site scripting vulnerability exists in the \unicode macro in MathJax versions prior to 2.7.4. A remote attacker can exploit this vulnerability to execute untrusted JavaScript code in a web browser...
GHSA-3C48-6PCV-88RM Macro in MathJax running untrusted Javascript within a web browser
MathJax versions prior to 2.7.4 contain a cross-site scripting (XSS) vulnerability in the \unicode macro that can result in potentially untrusted JavaScript running within a web browser. This attack appears to be exploitable when the victim views a page where untrusted content is processe...
DEBIAN-CVE-2018-1999024
MathJax versions prior to 2.7.4 contain a cross-site scripting (XSS) vulnerability in the \unicode macro that can result in potentially untrusted JavaScript running within a web browser. This attack appears to be exploitable when the victim views a page where untrusted content is processe...
OpenJDK: Nashorn incompletely blocking access to Java APIs (Scripting, 8171539)
It was discovered that the Nashorn JavaScript engine in the Scripting component of OpenJDK could allow scripts to access Java APIs even when access to Java APIs was disabled. An untrusted JavaScript executed by Nashorn could use this flaw to bypass intended restrictions...
PT-2017-4257 · Ruby +4 · Yajl-Ruby +4
Name of the Vulnerable Software and Affected Versions: yajl-ruby gem version 1.3.0. Description: The issue is related to insufficient processing of a format string in the yajl_string_decode function of the yajl_encode.c component in the yajl-ruby JSON library. When a crafted JSON file is supplied ...
Adobe Reader for Android < 11.2.0 - 'addJavascriptInterface' Local Overflow (Metasploit)
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/fileformat' require 'msf/core/exploit/pdf' require 'msf/core/exploit/android' class Metasploit3 'Adobe Reader for Android...
Adobe Reader for Android addJavascriptInterface Exploit
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/fileformat' require 'msf/core/exploit/pdf' require 'msf/core/exploit/android' class Metasploit3 'Adobe Reader for Android...
Adobe Reader for Android addJavascriptInterface Exploit
Adobe Reader versions prior to 11.2.0 expose insecure native interfaces to untrusted JavaScript in a PDF. This Metasploit module embeds the browser exploit from android/webview_addjavascriptinterface into a PDF to get a command shell on vulnerable versions of Reader. This module requires...
Android Browser and WebView addJavascriptInterface Code Execution
This module exploits a privilege escalation issue in Android 4.2's WebView component that arises when untrusted JavaScript code is executed by a WebView that has one or more Interfaces added to it. The untrusted JavaScript code can call into the Java Reflection APIs exposed by the Interface and...