117 matches found
SUSE CVE-2014-1513
TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer object, which allows remote attackers to execute arbitrary code or cause a denial of service...
Use after free in Neon external buffers
Neon provides functionality for creating JavaScript ArrayBuffer and the Buffer subtype instances backed by bytes allocated outside of V8/Node. The JsArrayBuffer::external and JsBuffer::external did not require T: 'static prior to Neon 0.10.1. This allowed creating an externally backed buffer from...
GHSA-8MJ7-WXMC-F424 Use after free in Neon external buffers
Neon provides functionality for creating JavaScript ArrayBuffer and the Buffer subtype instances backed by bytes allocated outside of V8/Node. The JsArrayBuffer::external and JsBuffer::external did not require T: 'static prior to Neon 0.10.1. This allowed creating an externally backed buffer from...
RUSTSEC-2022-0028 Use after free in Neon external buffers
Neon provides functionality for creating JavaScript ArrayBuffer and the Buffer subtype instances backed by bytes allocated outside of V8/Node. The JsArrayBuffer::external and JsBuffer::external did not require T: 'static prior to Neon 0.10.1. This allowed creating an externally backed buffer from...
Use after free in Neon external buffers
Neon provides functionality for creating JavaScript ArrayBuffer and the Buffer subtype instances backed by bytes allocated outside of V8/Node. The JsArrayBuffer::external and JsBuffer::external did not require T: 'static prior to Neon 0.10.1. This allowed creating an externally backed buffer from...
UBUNTU-CVE-2021-42863
A buffer overflow in ecmabuiltintypedarrayprototypefilter in JerryScript version fe3a5c0 allows an attacker to construct a fake object or a fake arraybuffer with unlimited size...
Buffer overflow
A buffer overflow in ecmabuiltintypedarrayprototypefilter in JerryScript version fe3a5c0 allows an attacker to construct a fake object or a fake arraybuffer with unlimited size...
CVE-2021-42863
A buffer overflow in ecmabuiltintypedarrayprototypefilter in JerryScript version fe3a5c0 allows an attacker to construct a fake object or a fake arraybuffer with unlimited size...
CVE-2021-42863
Removed by vendor...
Unspecified Vulnerability in Moddable SDK
Moddable SDK is a set of software development kits SDKs for IoT embedded software development from the US company Moddable. A security vulnerability exists in the Moddable SDK, which stems from the discovery that Moddable SDK v11.5.0 contains a SEGV vulnerability via the xs source xsDataView.c in...
CVE-2021-46330
Moddable SDK v11.5.0 was discovered to contain a SEGV vulnerability via xs/sources/xsDataView.c in fxArrayBufferprototypeconcat...
Moddable SDK 安全漏洞
Moddable SDK is a set of software development kits SDKs for IoT embedded software development from the US company Moddable. A security vulnerability exists in the Moddable SDK, which stems from the discovery that Moddable SDK v11.5.0 contains a SEGV vulnerability via the xs source xsDataView.c in...
Chrome V8 JavaScript Engine Remote Code Execution Exploit
Chrome V8 Javascript Engine remote code execution zero day exploit. Google is expected to release an update to their browser on tuesday 04/14/2021 that will address this vulnerability. / BSD 2-Clause License Copyright c 2021, rajvardhan agarwal All rights reserved. Redistribution and use in sourc...
Google Chrome versions before 87.0.4280.88 integer overflow during SimplfiedLowering phase
This module exploits an issue in Google Chrome versions before 87.0.4280.88 64 bit. The exploit makes use of an integer overflow in the SimplifiedLowering phase in turbofan. It is used along with a type hardening bypass using ArrayPrototypeShift to create a JSArray with a length of -1. This is...
Google Chrome SimplfiedLowering Integer Overflow Exploit
This Metasploit module exploits an issue in Google Chrome versions before 87.0.4280.88 64 bit. The exploit makes use of an integer overflow in the SimplifiedLowering phase in turbofan. It is used along with a typer hardening bypass using ArrayPrototypeShift to create a JSArray with a length of -1...
Google Chrome SimplfiedLowering Integer Overflow
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Google Chrome versions before 87.0.4280.88 integer overflow during SimplfiedLowering phase', 'Description' = %q This module exploits an issue in...
Google Chrome 81.0.4044 V8 - Remote Code Execution Exploit
Exploit Title: Google Chrome 81.0.4044 V8 - Remote Code Execution Exploit Author: Tobias Marcotto Tested on: Kali Linux x64 Version: 83.0.4103.106 Description: Out of bounds write in V8 in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potentially exploit heap corruption via a...
Google Chrome 81.0.4044 V8 Remote Code Execution
Exploit Title: Google Chrome prior 83.0.4103.106 V8 - Remote Code Execution Date: 06/04/2021 Exploit Author: Tobias Marcotto Tested on: Kali Linux x64 Version: 83.0.4103.106 Description: Out of bounds write in V8 in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potentially...
CVE-2018-21238
An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows memory consumption via an ArrayBuffer0xfffffffe call...
CVE-2018-21238
An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows memory consumption via an ArrayBuffer0xfffffffe call...