EUVD-2023-27656

Malicious code in bioql PyPI...

EUVD-2023-28822

Malicious code in bioql PyPI...

EUVD-2022-4748

Malicious code in bioql PyPI...

EUVD-2024-36341

Malicious code in bioql PyPI...

EUVD-2023-29821

Malicious code in bioql PyPI...

EUVD-2022-4601

Malicious code in bioql PyPI...

EUVD-2023-31806

Malicious code in bioql PyPI...

EUVD-2022-3980

Malicious code in bioql PyPI...

EUVD-2022-2080

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2018-1999024

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MathJax version prior to version 2.7.4 contains a Cross Site Scripting XSS vulnerability in the \unicode macro that can result in Potentially untrusted Javascri...

CVE-2023-30470

A use-after-free related to unsound inference in the bytecode generation when optimizations are enabled for Hermes prior to commit da8990f737ebb9d9810633502f65ed462b819c09 could have been used by an attacker to achieve remote code execution. Note that this is only exploitable in cases where Herme...

CVE-2023-28081

A bytecode optimization bug in Hermes prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could be used to cause an use-after-free and obtain arbitrary code execution via a carefully crafted payload. Note that this is only exploitable in cases where Hermes is used to execute untrusted...

CVE-2023-23556

An error in BigInt conversion to Number in Hermes prior to commit a6dcafe6ded8e61658b40f5699878cd19a481f80 could have been used by a malicious attacker to execute arbitrary code due to an out-of-bound write. Note that this bug is only exploitable in cases where Hermes is used to execute untrusted...

CVE-2023-23557

An error in Hermes' algorithm for copying objects properties prior to commit a00d237346894c6067a594983be6634f4168c9ad could be used by a malicious attacker to execute arbitrary code via type confusion. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScrip...

CVE-2023-24832

A null pointer dereference bug in Hermes prior to commit 5cae9f72975cf0e5a62b27fdd8b01f103e198708 could have been used by an attacker to crash an Hermes runtime where the EnableHermesInternal config option was set to true. Note that this is only exploitable in cases where Hermes is used to execut...

CVE-2020-1913

An Integer signedness error in the JavaScript Interpreter in Facebook Hermes prior to commit 2c7af7ec481ceffd0d14ce2d7c045e475fd71dc6 allows attackers to cause a denial of service attack or a potential RCE via crafted JavaScript. Note that this is only exploitable if the application using Hermes...

CVE-2020-1896

A stack overflow vulnerability in Facebook Hermes 'builtin apply' prior to commit 86543ac47e59c522976b5632b8bf9a2a4583c7d2 https://github.com/facebook/hermes/commit/86543ac47e59c522976b5632b8bf9a2a4583c7d2 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that th...

CVE-2020-1911

A type confusion vulnerability when resolving properties of JavaScript objects with specially-crafted prototype chains in Facebook Hermes prior to commit fe52854cdf6725c2eaa9e125995da76e6ceb27da allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only...

CVE-2020-1912

An out-of-bounds read/write vulnerability when executing lazily compiled inner generator functions in Facebook Hermes prior to commit 091835377369c8fd5917d9b87acffa721ad2a168 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the...

Alibaba Cloud Linux 3 : 0248: gnome-shell and gnome-shell-extensions (ALINUX3-SA-2024:0248)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0248 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-36472: In GNOME Shell through 45.7, a port...