142 matches found
The vulnerability of the --inspect parameter implementation in Node.js’s object manipulation tools allows attackers to execute arbitrary code.
The vulnerability of the --inspect parameter in the Node.js object manipulation tool is related to errors during the conversion of the octal IP address. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
PT-2022-6861
Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19 Oracle GraalVM Enterprise Edition versions 20.3.7, 21.3.3, 22.2.0 Description The issue is related to an error in integer value conversion in the Security component of Oracle...
CVE-2022-40138
An integer conversion error in Hermes bytecode generation, prior to commit 6aa825e480d48127b480b08d13adf70033237097, could have been used to perform Out-Of-Bounds operations and subsequently execute arbitrary code. Note that this is only exploitable in cases where Hermes is used to execute...
CVE-2022-40138
An integer conversion error in Hermes bytecode generation, prior to commit 6aa825e480d48127b480b08d13adf70033237097, could have been used to perform Out-Of-Bounds operations and subsequently execute arbitrary code. Note that this is only exploitable in cases where Hermes is used to execute...
Design/Logic Flaw
An integer conversion error in Hermes bytecode generation, prior to commit 6aa825e480d48127b480b08d13adf70033237097, could have been used to perform Out-Of-Bounds operations and subsequently execute arbitrary code. Note that this is only exploitable in cases where Hermes is used to execute...
CVE-2022-40138
CVE-2022-40138 affects Hermes, the JavaScript engine used by React Native. The issue is an integer conversion error in Hermes bytecode generation (before commit 6aa825e480d48127b480b08d13adf70033237097) that could allow out-of-bounds operations and arbitrary code execution when untrusted JavaScri...
PT-2022-5008 · Facebook · Hermes
Name of the Vulnerable Software and Affected Versions: Hermes versions prior to commit 6aa825e480d48127b480b08d13adf70033237097 Description: The issue is related to an integer conversion error in Hermes bytecode generation. This error could be used to perform Out-Of-Bounds operations and...
CVE-2022-34031
Nginx NJS v0.7.5 was discovered to contain a segmentation violation via njsvaluetonumber at src/njsvalueconversion.h...
Qualcomm 芯片代码问题漏洞
A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc., and from time to time are manufactured on the surface of semiconductor wafers. A code issue vulnerability exists in various Qualcomm products th...
Apache Struts Code injection due to conversion error
Apache Struts 2 before 2.2.3.1 evaluates a string as an OGNL expression during the handling of a conversion error, which allows remote attackers to modify run-time data values, and consequently execute arbitrary code, via invalid input to a field...
GHSA-MWRX-HX6X-3HHV Apache Struts Code injection due to conversion error
Apache Struts 2 before 2.2.3.1 evaluates a string as an OGNL expression during the handling of a conversion error, which allows remote attackers to modify run-time data values, and consequently execute arbitrary code, via invalid input to a field...
The vulnerability of the rendering module of Blink web pages in Google Chrome and Microsoft Edge allows a hacker to execute arbitrary code.
The vulnerability of the rendering module for web pages in Google Chrome and Microsoft Edge browsers is related to type conversion errors. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...
LSN-0083-1: Kernel Live Patch Security Notice
The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c.CVE-2018-25020...
Yearn token <> shares conversion decimal issue
Handle cmichel Vulnerability details The yearn strategy YearnYield converts shares to tokens by doing pricePerFullShare shares / 1e18: function getTokensForSharesuint256 shares, address asset public view override returns uint256 amount if shares == 0 return 0; // @audit should divided by...
DEBIAN-CVE-2021-43537
An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...
The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers allows attackers to execute arbitrary code or cause service interruptions.
The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers is related to type conversion errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or trigger a denial-of-service attack through a specially created web page...
The vulnerability of Google Chrome, related to a type conversion error, allows a hacker to circumvent existing security restrictions by using a specially created HTML page.
The vulnerability of Google Chrome is related to a type conversion error. Exploiting this vulnerability allows an attacker to bypass existing security restrictions through a specially created HTML page...
LSN-0081-1: Kernel Live Patch Security Notice
Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory.CVE-2021-3653 Maxim...
The vulnerability of the Adobe Photoshop CC graphic editor, related to a type conversion error, allows a hacker to execute arbitrary code.
The vulnerability of the Adobe Photoshop CC graphic editor is related to a type conversion error. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user...
UBUNTU-CVE-2021-38187
An issue was discovered in the anymap crate through 0.12.1 for Rust. It violates soundness via conversion of a u8 to a u64...