14 matches found
EUVD-2026-21402
In systemd 260 before 261, a local unprivileged user can trigger an assert via an IPC API call with an array or map that has a null element...
CVE-2025-65570
A type confusion in jsish 2.0 allows incorrect control flow during execution of the OPNEXT opcode. When an “instanceof” expression uses an array element access as the left-hand operand inside a for-in loop, the instructions implementation leaves an additional array reference on the stack rather...
CVE-2025-65570
A type confusion in jsish 2.0 allows incorrect control flow during execution of the OPNEXT opcode. When an “instanceof” expression uses an array element access as the left-hand operand inside a for-in loop, the instructions implementation leaves an additional array reference on the stack rather...
CVE-2025-65570
A type confusion in jsish 2.0 allows incorrect control flow during execution of the OPNEXT opcode. When an “instanceof” expression uses an array element access as the left-hand operand inside a for-in loop, the instructions implementation leaves an additional array reference on the stack rather...
CVE-2025-65570
A type confusion in jsish 2.0 allows incorrect control flow during execution of the OPNEXT opcode. When an “instanceof” expression uses an array element access as the left-hand operand inside a for-in loop, the instructions implementation leaves an additional array reference on the stack rather...
EUVD-2022-4498
Malicious code in bioql PyPI...
BIT-TENSORFLOW-2021-29558 Heap buffer overflow in `SparseSplit`
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in tf.rawops.SparseSplit. This is because the...
CVE-2021-29558
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in tf.rawops.SparseSplit. This is because the...
CVE-2017-14629
In sam2p 0.49.3, the inxpmreader function in inxpm.cpp has an integer signedness error, leading to a crash when writing to an out-of-bounds array element...
CVE-2015-5689
ghostexp.exe in Ghost Explorer Utility in Symantec Ghost Solutions Suite GSS before 3.0 HF2 12.0.0.8010 and Symantec Deployment Solution DS before 7.6 HF4 12.0.0.7045 performs improper sign-extend operations before array-element accesses, which allows remote attackers to execute arbitrary code,...
CVE-2013-6639
Removed by vendor...
CVE-2013-6639
CVE-2013-6639 affects Google V8 (before 3.22.24.7) as used in Google Chrome before 31.0.1650.63. The DehoistArrayIndex function in hydrogen-dehoist.cc (hydrogen.cc) can trigger an out-of-bounds write via crafted array indices, potentially leading to a denial of service. The public records indicat...
UBUNTU-CVE-2013-2083
The MoodleQuickForm class in lib/formslib.php in Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not properly handle a certain array-element syntax, which allows remote attackers to bypass intended form-data filtering via a crafted request...
Cross site scripting
Cross-site scripting XSS vulnerability in include/sessionRegister.php in WikyBlog before 1.4.13 allows remote attackers to inject arbitrary web script or HTML, probably via vectors related to a certain data2 array element...