43 matches found
Encoding Error
Overview asn1-ts is an ASN.1 encoding and decoding, including BER, CER, and DER. Affected versions of this package are vulnerable to Encoding Error in the integer decoding that can leak the underlying ArrayBuffer. Remediation Upgrade asn1-ts to version 11.0.6 or higher. References - GitHub Commit...
Improperly Controlled Sequential Memory Allocation
Overview com.foxinmy:weixin4j-base is a 微信开发基础工程 Affected versions of this package are vulnerable to Improperly Controlled Sequential Memory Allocation due to improper control of memory allocation in the CharArrayBuffer and ClassUtil components. An attacker can cause excessive memory consumption ...
CVE-2026-24819
Improperly Controlled Sequential Memory Allocation vulnerability in foxinmy weixin4j weixin4j-base/src/main/java/com/foxinmy/weixin4j/util modules. This vulnerability is associated with program files CharArrayBuffer.Java, ClassUtil.Java. This issue affects weixin4j...
CVE-2026-24819
Improperly Controlled Sequential Memory Allocation vulnerability in foxinmy weixin4j weixin4j-base/src/main/java/com/foxinmy/weixin4j/util modules. This vulnerability is associated with program files CharArrayBuffer.Java, ClassUtil.Java. This issue affects weixin4j...
CVE-2026-24819 An out-of-memory (OOM) issue in foxinmy/weixin4j
Improperly Controlled Sequential Memory Allocation vulnerability in foxinmy weixin4j weixin4j-base/src/main/java/com/foxinmy/weixin4j/util modules. This vulnerability is associated with program files CharArrayBuffer.Java, ClassUtil.Java. This issue affects weixin4j...
CVE-2026-24819
CVE-2026-24819 refers to an Improperly Controlled Sequential Memory Allocation in foxinmy/weixin4j (weixin4j-base module), affecting CharArrayBuffer and ClassUtil Java components. Public descriptions in Red Hat, Snyk, and OSV entries confirm the issue impacts weixin4j across versions, with memory...
weixin4j security vulnerabilities
Weixin4j is a WeChat development toolkit personally developed by Jinyu. Weixin4j has security vulnerabilities, which stem from improper control over sequential memory allocation in the program files CharArrayBuffer.Java and ClassUtil.Java...
Denial Of Service (DoS)
Devalue is vulnerable to a Denial-Of-Service DoS.The vulnerability is due to missing input validation during ArrayBuffer hydration, where devalue.parse assumes base64-encoded input without verification, allowing crafted data to trigger excessive CPU and memory consumption when parsing untrusted...
devalue vulnerable to denial of service due to memory/CPU exhaustion in devalue.parse
Summary Certain inputs can cause devalue.parse to consume excessive CPU time and/or memory, potentially leading to denial of service in systems that parse input from untrusted sources. This affects applications using devalue.parse on externally-supplied data. The root cause is the ArrayBuffer...
CVE-2026-22774
A flaw was found in devalue, a JavaScript library used for serializing values. A remote attacker can exploit this vulnerability by providing specially crafted input to the devalue.parse function. This can cause the application to consume excessive CPU time and memory, leading to a denial of servi...
CVE-2026-22774 devalue vulnerable to denial of service due to memory exhaustion in devalue.parse
Svelte devalue is a JavaScript library that serializes values into strings when JSON.stringify isn't sufficient for the job. From 5.3.0 to 5.6.1, certain inputs can cause devalue.parse to consume excessive CPU time and/or memory, potentially leading to denial of service in systems that parse inpu...
EUVD-2026-2790
Svelte devalue is a JavaScript library that serializes values into strings when JSON.stringify isn't sufficient for the job. From 5.3.0 to 5.6.1, certain inputs can cause devalue.parse to consume excessive CPU time and/or memory, potentially leading to denial of service in systems that parse inpu...
kernel: wifi: ath12k: Fix for out-of bound access error
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix for out-of bound access error Selfgen stats are placed in a buffer using printarraytobufindex function. Array length parameter passed to the function is too big, resulting in possible out-of bound memory error...
CVE-2025-12745
A weakness has been identified in QuickJS up to eb2c89087def1829ed99630cb14b549d7a98408c. This affects the function jsarraybufferslice of the file quickjs.c. This manipulation causes buffer over-read. The attack is restricted to local execution. The exploit has been made available to the public a...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the jsarraybufferslice function. An attacker can access sensitive information or cause application instability by triggering a buffer over-read through crafted input. Remediation A fix was pushed into the...
CVE-2025-12745
A weakness has been identified in QuickJS up to eb2c89087def1829ed99630cb14b549d7a98408c. This affects the function jsarraybufferslice of the file quickjs.c. This manipulation causes buffer over-read. The attack is restricted to local execution. The exploit has been made available to the public a...
CVE-2025-12745
A weakness has been identified in QuickJS up to eb2c89087def1829ed99630cb14b549d7a98408c. This affects the function jsarraybufferslice of the file quickjs.c. This manipulation causes buffer over-read. The attack is restricted to local execution. The exploit has been made available to the public a...
CVE-2025-12745
CVE-2025-12745 affects QuickJS up to eb2c89087def1829ed99630cb14b549d7a98408c. The vulnerability is in the function js_array_buffer_slice of quickjs.c and causes a buffer over-read. Exploitation is restricted to local execution; the exploit has been publicly disclosed. The CVE description and mul...
CVE-2025-12745
A weakness has been identified in QuickJS up to eb2c89087def1829ed99630cb14b549d7a98408c. This affects the function jsarraybufferslice of the file quickjs.c. This manipulation causes buffer over-read. The attack is restricted to local execution. The exploit has been made available to the public a...
CVE-2025-12745 QuickJS quickjs.c js_array_buffer_slice buffer over-read
A weakness has been identified in QuickJS up to eb2c89087def1829ed99630cb14b549d7a98408c. This affects the function jsarraybufferslice of the file quickjs.c. This manipulation causes buffer over-read. The attack is restricted to local execution. The exploit has been made available to the public a...