35 matches found
OESA-2026-2178 musl security update
musl is an implementation of the C standard library built on top of the Linux system call API, including interfaces defined in the base language standard, POSIX, and widely agreed-upon extensions. It is lightweight, fast, simple, free, and strives to be correct in the sense of standards conforman...
CVE-2026-0822
A flaw was found in quickjs-ng. A remote attacker could exploit a heap-based buffer overflow vulnerability by manipulating the jstypedarraysort function in quickjs.c. This could lead to information disclosure, denial of service, or potentially arbitrary code execution. An exploit for this...
CVE-2026-0822
A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function jstypedarraysort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The...
CVE-2026-0822
A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function jstypedarraysort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The...
DEBIAN-CVE-2026-0822
A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function jstypedarraysort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The...
CVE-2026-0822
A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function jstypedarraysort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The...
UBUNTU-CVE-2026-0822
A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function jstypedarraysort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The...
CVE-2026-0822
CVE-2026-0822 affects quickjs-ng quickjs up to 0.11.0. The issue targets the js_typed_array_sort function in quickjs.c, causing a heap-based buffer overflow. It is remotely exploitable and exploits are publicly available. Patch reference: 53eefbcd695165a3bd8c584813b472cb4a69fbf5. Remediation: app...
CVE-2026-0822 quickjs-ng quickjs quickjs.c js_typed_array_sort heap-based overflow
A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function jstypedarraysort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The...
CVE-2026-0822
A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function jstypedarraysort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The...
EUVD-2026-1846
A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function jstypedarraysort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The...
CVE-2026-0822
A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function jstypedarraysort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The...
CVE-2026-0822 quickjs-ng quickjs quickjs.c js_typed_array_sort heap-based overflow
A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function jstypedarraysort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The...
QuickJS 安全漏洞
QuickJS is a small and embeddable Javascript engine from QuickJS open source. A security vulnerability exists in QuickJS 0.11.0 and earlier versions, which is caused by a heap buffer overflow in the function jstypedarraysort in the file quickjs.c, which could lead to the execution of arbitrary co...
PT-2026-2028
Name of the Vulnerable Software and Affected Versions quickjs-ng versions up to 0.11.0 Description A flaw exists in quickjs-ng quickjs that could lead to a heap-based buffer overflow. This issue is located in the js typed array sort function within the quickjs.c file. Remote exploitation is...
mruby array.c sort_cmp use after free
...
CVE-2025-13120 mruby array.c sort_cmp use after free
A vulnerability has been found in mruby up to 3.4.0. This vulnerability affects the function sortcmp of the file src/array.c. Such manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The name of the patch is...
CVE-2025-13120
Summary : CVE-2025-13120 affects mruby up to 3.4.0, specifically the sort_cmp function in src/array.c, causing a use-after-free condition. Exploitation requires local access. A public patch is available (commit eb398971bfb43c38db3e04528b68ac9a7ce509bc). If CVE is relevant to you, apply the offici...
CVE-2023-31908
Jerryscript 3.0 commit 05dbbd1 was discovered to contain a heap-buffer-overflow via the component ecmabuiltintypedarrayprototypesort...
Nginx 安全漏洞
Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from the U.S. company Nginx. njs is one of the scripting language components that support extended NGINX functionality . A denial of service vulnerability exists in Nginx NJS version v0.7.2, which stems from a...