CVE-2025-12745 QuickJS quickjs.c js_array_buffer_slice buffer over-read

A weakness has been identified in QuickJS up to eb2c89087def1829ed99630cb14b549d7a98408c. This affects the function jsarraybufferslice of the file quickjs.c. This manipulation causes buffer over-read. The attack is restricted to local execution. The exploit has been made available to the public a...

EUVD-2025-37919

A weakness has been identified in QuickJS up to eb2c89087def1829ed99630cb14b549d7a98408c. This affects the function jsarraybufferslice of the file quickjs.c. This manipulation causes buffer over-read. The attack is restricted to local execution. The exploit has been made available to the public a...

CVE-2025-12745 QuickJS quickjs.c js_array_buffer_slice buffer over-read

A weakness has been identified in QuickJS up to eb2c89087def1829ed99630cb14b549d7a98408c. This affects the function jsarraybufferslice of the file quickjs.c. This manipulation causes buffer over-read. The attack is restricted to local execution. The exploit has been made available to the public a...

CVE-2025-12745

A weakness has been identified in QuickJS up to eb2c89087def1829ed99630cb14b549d7a98408c. This affects the function jsarraybufferslice of the file quickjs.c. This manipulation causes buffer over-read. The attack is restricted to local execution. The exploit has been made available to the public a...

Security update for poppler

This update for poppler fixes the following issues: CVE-2025-3154: Fixed out-of-bounds array write due to invalid VerticesPerRow bsc1240687. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...

CVE-2025-43421

A flaw was found in WebKitGTK. Processing malicious web content can cause multiple issues in the JIT compiler and result in an unexpected process crash. Mitigation Do not process or load untrusted web content with WebKitGTK. In Red Hat Enterprise Linux 7, the following packages require WebKitGTK4...

CVE-2025-54330

An issue was discovered in NPU in Samsung Mobile Processor Exynos 1380 through July 2025. There is an Out-of-bounds Read of q-bufs in the isdoneforme function...

PT-2025-45149

Name of the Vulnerable Software and Affected Versions QuickJS versions prior to eb2c89087def1829ed99630cb14b549d7a98408c Description A flaw exists in QuickJS that allows for a buffer over-read. This issue is related to the js array buffer slice function within the quickjs.c file. Exploitation is...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989589)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989589 advisory. In the Linux kernel, the following vulnerability has been resolved: hwmon: w83791d Fix NULL pointer dereference by removing unnecessary structure field If driver rea...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989930)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989930 advisory. In the Linux kernel, the following vulnerability has been resolved: vtioctl: fix arrayindexnospec in vtsetactivate arrayindexnospec ensures that an out-of-bounds val...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989666)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989666 advisory. In the Linux kernel, the following vulnerability has been resolved: jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree When the value of lp is 0 at t...

QuickJS 安全漏洞

QuickJS is a small and embeddable Javascript engine open-sourced by QuickJS. A security vulnerability exists in QuickJS, which stems from a buffer over-read in the function jsarraybufferslice in the file quickjs.c, which could lead to a local execution attack...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990219)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990219 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix memcpy field-spanning write warning in mwifiexconfigscan Replace one-element...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989664)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989664 advisory. In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix array-index-out-of-bounds in pvr2i2ccoreinit Syzbot reported that -1 is used ...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990111)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990111 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Check for potential null return of kmallocarray As the kmallocarray may return null,...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989731)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989731 advisory. In the Linux kernel, the following vulnerability has been resolved: net: tulip: de4x5: fix the problem that the array 'lp-phy8' may be out of bound In line 5001, if...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989829)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989829 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Add validity check for dbmaxag and dbagpref Both dbmaxag and dbagpref are used as the ind...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988914)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988914 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on curseg-alloctype As Wenqing Liu reported in bugzilla:...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990134)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990134 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Add validity check for dbmaxag and dbagpref Both dbmaxag and dbagpref are used as the ind...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988667)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988667 advisory. In the Linux kernel, the following vulnerability has been resolved: regulator: rt4801: Fix NULL pointer dereference if priv-enablegpios is NULL...