43 matches found
EUVD-2025-37919
A weakness has been identified in QuickJS up to eb2c89087def1829ed99630cb14b549d7a98408c. This affects the function js_array_buffer_slice of the file quickjs.c. This manipulation causes buffer over-read. The attack is restricted to local execution. The exploit has been made available to the public a...
CVE-2025-12745 QuickJS quickjs.c js_array_buffer_slice buffer over-read
A weakness has been identified in QuickJS up to eb2c89087def1829ed99630cb14b549d7a98408c. This affects the function js_array_buffer_slice of the file quickjs.c. This manipulation causes buffer over-read. The attack is restricted to local execution. The exploit has been made available to the public a...
CVE-2025-12745
A weakness has been identified in QuickJS up to eb2c89087def1829ed99630cb14b549d7a98408c. This affects the function js_array_buffer_slice of the file quickjs.c. This manipulation causes buffer over-read. The attack is restricted to local execution. The exploit has been made available to the public a...
QuickJS security vulnerability
QuickJS is a small and embeddable JavaScript engine open-sourced by QuickJS. A security vulnerability exists in QuickJS, which stems from a buffer over-read in the function js_array_buffer_slice in the file quickjs.c, which could lead to a local execution attack...
PT-2025-45149
Name of the Vulnerable Software and Affected Versions: QuickJS versions prior to eb2c89087def1829ed99630cb14b549d7a98408c Description: A flaw exists in QuickJS that allows for a buffer over-read. This issue is related to the js_array_buffer_slice function within the quickjs.c file. Exploitation is...
EUVD-2016-2758
Malware in sbrugna...
Browser Security Posture Analysis: a Client-Side Security Assessment Framework
Modern web browsers have effectively become the new operating system for business applications, yet their security posture is often under-scrutinized. This paper presents a novel, comprehensive Browser Security Posture Analysis Framework, a browser-based client-side security assessment toolkit...
undici Security breach
undici is an HTTP/1.1 client. A security vulnerability exists in undici version 6.14.0 through versions prior to 6.19.2, which stems from the response.arrayBuffer function potentially containing portions of memory from a Node.js process...
PT-2024-27966 · Node.Js · Undici
Name of the Vulnerable Software and Affected Versions: Undici versions prior to 6.19.2 Description: Undici is an HTTP/1.1 client, written from scratch for Node.js. Depending on network and process conditions of a fetch request, response.arrayBuffer might include a portion of memory from the Node....
PT-2023-12423 · Unknown · Serenityos
Name of the Vulnerable Software and Affected Versions: SerenityOS affected versions not specified Description: A critical issue has been found in SerenityOS, affecting the function initialize_typed_array_from_array_buffer in the library Userland/Libraries/LibJS/Runtime/TypedArray.cpp. This issue...
SUSE CVE-2015-1267
Blink, as used in Google Chrome before 43.0.2357.130, does not properly restrict the creation context during creation of a DOM wrapper, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code that uses a Blink public API, related to WebArrayBufferConverter.cpp,...
SUSE CVE-2015-4484
The js::jit::AssemblerX86Shared::lock_addl function in the JavaScript implementation in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to cause a denial of service (application crash) by leveraging the use of shared memory and accessing (1) an Atomics object or (2) ...
CVE-2018-21240
An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows memory consumption via an ArrayBuffer(0xfffffffe) call...
Remote Code Execution (RCE)
Microsoft ChakraCore is vulnerable to remote code execution (RCE). The vulnerability exists due to an Array buffer Use-after-free (UAF) bug in GlobOpt.cpp, which allows a remote attacker to execute arbitrary commands in the context of the authenticated user. This CVE ID is different from CVE-2018-087...
spice-server security update
0.12.4-16.2 - Prevent potential buffer/integer overflows with invalid MonitorsConfig messages sent from an authenticated client Resolves: CVE-2017-7506 0.12.4-16.1 - Fix flexible array buffer overflow Resolves: rhbz#1596008...
Analysis of the Firefox shared array buffer UAF exploit - vulnerability warning - the black bar safety net
This article explores a reference leak that occurs when the structured cloning algorithm handles a shared array buffer. Combined with the lack of overflow checking, it can be exploited to execute arbitrary code. The article is divided into the following sections: Background, vulnerability, summary. We exploit...
Google Android - 'BadKernel' Remote Code Execution
function gc forvar i=0;i0.toString16; function log var str = ""; forvar i=0;i"; console.logstr; document.writestr; function setaccessaddressaddress controllerdv.setUint3234,address,true; controllerdv.setUint3244,0x40000000,true; function getdateviewaddress setaccessaddressaddress;...
Mozilla: Crash when using shared memory in JavaScript (MFSA 2015-87)
The js::jit::AssemblerX86Shared::lock_addl function in the JavaScript implementation in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to cause a denial of service (application crash) by leveraging the use of shared memory and accessing (1) an Atomics object or (2) ...
Mozilla: Vulnerabilities found through code inspection (MFSA 2015-66)
The ArrayBufferBuilder::append function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which has unspecified impact and attack vectors...
UBUNTU-CVE-2015-2739
The ArrayBufferBuilder::append function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which has unspecified impact and attack vectors...