Astra Linux - уязвимость в firefox

A use-after-free could occur during WASM execution if garbage collection ran during the creation of an array. This vulnerability affects Firefox 125...

jq: jq has signed integer overflow in jv.c:jvp_array_write

A flaw was found in jq, a command line JSON processor. An integer overflow can occur when attempting to assign a value using an array index of 2147483647 or when creating an array with 2147483647 elements, the maximum value for a 32-bit signed integer. This issue causes out-of-bounds memory acces...

The vulnerability of Mozilla Firefox’s WASM technology implementation allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of Mozilla Firefox’s WASM technology implementation lies in the use of memory after it is freed as a result of compiling the garbage collector during array creation. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary code...

SUSE CVE-2024-3856

A use-after-free could occur during WASM execution if garbage collection ran during the creation of an array. This vulnerability affects Firefox 125...

CVE-2024-3856

A use-after-free could occur during WASM execution if garbage collection ran during the creation of an array. This vulnerability affects Firefox 125...

UBUNTU-CVE-2024-3856

A use-after-free could occur during WASM execution if garbage collection ran during the creation of an array. This vulnerability affects Firefox 125...

CVE-2024-3856

Concretely, CVE-2024-3856 affects Mozilla Firefox

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a code execution vulnerability that originates from the possibility of post-release usage during WASM execution if garbage collection is run during array creation. An...

SUSE CVE-2016-1700

extensions/renderer/runtimecustombindings.cc in Google Chrome before 51.0.2704.79 does not consider side effects during creation of an array of extension views, which allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via vectors related ...

Integer overflow in TFLite array creation

Impact An attacker can craft a TFLite model that would cause an integer overflow in TfLiteIntArrayCreate: cc TfLiteIntArray TfLiteIntArrayCreateint size int allocsize = TfLiteIntArrayGetSizeInBytessize; // ... TfLiteIntArray ret = TfLiteIntArraymallocallocsize; // ... The...

GHSA-9GWQ-6CWJ-47H3 Integer overflow in TFLite array creation

Impact An attacker can craft a TFLite model that would cause an integer overflow in TfLiteIntArrayCreate: cc TfLiteIntArray TfLiteIntArrayCreateint size int allocsize = TfLiteIntArrayGetSizeInBytessize; // ... TfLiteIntArray ret = TfLiteIntArraymallocallocsize; // ... The...

PYSEC-2022-122

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in TfLiteIntArrayCreate. The TfLiteIntArrayGetSizeInBytes returns an int instead of a sizet. An attacker can control model inputs such that computedsize overflows the...

PYSEC-2022-122

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in TfLiteIntArrayCreate. The TfLiteIntArrayGetSizeInBytes returns an int instead of a sizet. An attacker can control model inputs such that computedsize overflows the...

The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure or cause other effects.

The vulnerability of the extensions/renderer/runtimecustombindings.cc component in Google Chrome relates to the omission of additional effects during the creation of arrays. Exploiting this vulnerability may allow a malicious actor to cause a service failure the inability to use a resource after ...

chromium-browser: use-after-free in extensions

extensions/renderer/runtimecustombindings.cc in Google Chrome before 51.0.2704.79 does not consider side effects during creation of an array of extension views, which allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via vectors related ...

MOPB-05-2007:PHP unserialize() 64 bit Array Creation Denial of Service Vulnerability

Summary A user supplied serialized string might trigger on 64 bit systems a tight endless loop within zendhashinit exhausting CPU ressources. Affected versions Affected is PHP 4.4.4/5.2.0 and below. Detailed information Before PHP 4.3.11 was released it was discovered that there is a problem in t...

CVE-2001-1225

Hughes Technology Mini SQL 2.0.10 through 2.0.12 allows local users to cause a denial of service by creating a very large array in a table, which causes miniSQL to crash when the table is queried...