CVE-2026-21710

A flaw in Node.js HTTP request handling causes an uncaught TypeError when a request is received with a header named proto and the application accesses req.headersDistinct. When this occurs, dest"proto" resolves to Object.prototype rather than undefined, causing .push to be called on a non-array...

MiracleLinux 4 : firefox-60.2.2-1.0.1.AXS4 (AXSA:2018-3355:07)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2018-3355:07 advisory. Mozilla: type confusion in JavaScript CVE-2018-12386 Mozilla: stack out-of-bounds read in Array.prototype.push CVE-2018-12387 Tenable has extracted...

EUVD-2006-3248

Malware in sbrugna...

Malicious code in safe-array-push (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 49e28af59c0738d11c301ca9b1483179a08a52085b83b24da5b9bc0c551ab5cc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4017 Malicious code in safe-array-push (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 49e28af59c0738d11c301ca9b1483179a08a52085b83b24da5b9bc0c551ab5cc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

The vulnerability affects the implementation of the `Array.prototype.push` method in JIT-compilers of Firefox and Firefox ESR web browsers, allowing an attacker to execute arbitrary code.

The vulnerability of the Array.prototype.push method in JIT-compilers of Firefox and Firefox ESR browsers is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

USN-3778-1 firefox vulnerabilities

A crash was discovered in TransportSecurityInfo used for SSL, which could be triggered by data stored in the local cache directory. An attacker could potentially exploit this in combination with another vulnerability that allowed them to write data to the cache, to execute arbitrary code...

PostNuke 0.764 - Blind SQL Injection

!/usr/bin/python ================================================================================================= / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / ================================================================================================= This was a priv8 Exploit...

FreeBSD : hashcash -- heap overflow vulnerability (2be7c122-0614-11db-9156-000e0c2e438a)

Andreas Seltenreich reports that hashcash is prone to a heap overflow vulnerability. This vulnerability is caused by improper checking of memory allocations within the 'arraypush' function. An attacker could trigger this vulnerability by passing a lot of '-r' or '-j' flags from the command line,...

DEBIAN-CVE-2006-3251

Heap-based buffer overflow in the arraypush function in hashcash.c for Hashcash before 1.21 might allow attackers to execute arbitrary code via crafted entries...