SUSE CVE-2016-1646

The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impact via crafted...

CVE-2022-27008

nginx njs 0.7.2 is vulnerable to Buffer Overflow. Type confused in Array.prototype.concat when a slow array appended element is fast array...

PT-2022-2375 · Nginx · Nginx Njs

Name of the Vulnerable Software and Affected Versions: nginx njs version 0.7.2 Description: The issue is related to a Buffer Overflow in the Array.prototype.concat function of the njs interpreter in the nginx server. This occurs when a slow array appended element is a fast array, leading to a typ...

CVE-2021-46488

Jsish v3.5.0 was discovered to contain a SEGV vulnerability via jsiArrayConcatCmd at src/jsiArray.c. This vulnerability can lead to a Denial of Service DoS...

Google Chrome 72.0.3626.121 / 74.0.3725.0 - NewFixedDoubleArray Integer Overflow Exploit

Google Chrome 72.0.3626.121 / 74.0.3725.0 - NewFixedDoubleArray Integer Overflow Exploit VULNERABILITY DETAILS https://cs.chromium.org/chromium/src/v8/src/heap/factory.cc?rcl=dd689541d3815d64b4b39f6a41603248c71aa00e&l=496 Handle Factory::NewFixedDoubleArrayint length, PretenureFlag pretenure...

Microsoft Windows JScript Array concat Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows JScript. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Apple Safari Array Concat Uninitialized Buffer Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...

(Pwn2Own) Apple Safari Array concat Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

Safari Browser: Memory corruption in Array concat (CVE-2017-2464)

There is an out-of-bounds memcpy in Array.concat that can lead to memory corruption. In builtins/ArrayPrototype.js, the function concatSlowPath calls a native method @appendMemcpy with a parameter resultIndex that is handled unsafely by the method. It calls JSArray::appendMemcpy, which calculates...

chromium-browser: out-of-bounds read in V8

The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impact via crafted...

UBUNTU-CVE-2016-1646

The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impact via crafted...