Lucene search
+L

282 matches found

vulnrichment
vulnrichment
added 2024/09/06 6:18 p.m.32 views

CVE-2024-7652 Type Confusion in Async Generators in Javascript Engine

An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash. This vulnerability affects Firefox 128, Firefox ESR 115.13, Thunderbird 115.13, and Thunderbird 128...

7.8AI score0.00656EPSS
Exploits0References6
freebsd
freebsd
added 2024/09/06 12:0 a.m.23 views

firefox -- Potential memory corruption and exploitable crash

[email protected] reports: An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash...

7.5CVSS7AI score0.00656EPSS
Exploits0References1
cvelist
cvelist
added 2024/08/15 6:36 p.m.50 views

CVE-2024-43357 JavaScript specification issue may lead to type confusion and pointer dereference in implementations

ECMA-262 is the language specification for the scripting language ECMAScript. A problem in the ECMAScript JavaScript specification of async generators, introduced by a May 2021 spec refactor, may lead to mis-implementation in a way that could present as a security vulnerability, such as type...

8.6CVSS0.00601EPSS
Exploits0References10
fedora
fedora
added 2024/07/19 2:22 a.m.28 views

[SECURITY] Fedora 39 Update: rapidjson-1.1.0-41.fc39

RapidJSON is a fast JSON parser and generator for C++. It was inspired by RapidXml. RapidJSON is small but complete. It supports both SAX and DOM style API. The SAX parser is only a half thousand lines of code. RapidJSON is fast. Its performance can be comparable to strlen. It also optionally...

7.8CVSS7.2AI score0.00375EPSS
Exploits0
osv
osv
added 2024/04/26 3:15 p.m.42 views

UBUNTU-CVE-2024-33255

Jerryscript commit cefd391 was discovered to contain an Assertion Failure via ECMASTRINGISREFEQUALSTOONE stringp in ecmafreestringlist...

6.2CVSS5.8AI score0.00274EPSS
Exploits1References3
nvd
nvd
added 2024/03/28 11:15 p.m.34 views

CVE-2024-29489

Jerryscript 2.4.0 has SEGV at ./jerry-core/ecma/base/ecma-helpers.c:238:58 in ecmagetobjecttype...

5.5CVSS6.6AI score0.0034EPSS
Exploits1References4
vulnrichment
vulnrichment
added 2024/03/28 12:0 a.m.16 views

CVE-2024-29489

Jerryscript 2.4.0 has SEGV at ./jerry-core/ecma/base/ecma-helpers.c:238:58 in ecmagetobjecttype...

6.9AI score0.0034EPSS
Exploits1References4
ptsecurity
ptsecurity
added 2024/03/28 12:0 a.m.5 views

PT-2024-22923

Name of the Vulnerable Software and Affected Versions Jerryscript version 2.4.0 Description The issue is related to a SEGV at ./jerry-core/ecma/base/ecma-helpers.c:238:58 in the ecma get object type function. Recommendations For Jerryscript version 2.4.0, at the moment, there is no information...

5.5CVSS5.5AI score0.0034EPSS
Exploits1References12
cvelist
cvelist
added 2024/03/28 12:0 a.m.30 views

CVE-2024-29489

Jerryscript 2.4.0 has SEGV at ./jerry-core/ecma/base/ecma-helpers.c:238:58 in ecmagetobjecttype...

6.8AI score0.0034EPSS
Exploits1References4
osv
osv
added 2023/09/20 10:15 p.m.5 views

UBUNTU-CVE-2023-36109

Buffer Overflow vulnerability in JerryScript version 3.0, allows remote attackers to execute arbitrary code via ecmastringbuilderappendraw component at /jerry-core/ecma/base/ecma-helpers-string.c...

9.8CVSS6.2AI score0.01977EPSS
Exploits2References4
vulnrichment
vulnrichment
added 2023/09/20 12:0 a.m.12 views

CVE-2023-36109

Buffer Overflow vulnerability in JerryScript version 3.0, allows remote attackers to execute arbitrary code via ecmastringbuilderappendraw component at /jerry-core/ecma/base/ecma-helpers-string.c...

8AI score0.01977EPSS
Exploits2References2
cnnvd
cnnvd
added 2023/09/20 12:0 a.m.5 views

JerryScript Security Vulnerability

JerryScript is a lightweight JavaScript engine from the Jerryscript project. A security vulnerability exists in JerryScript version 3.0 that originates from allowing remote attackers to execute arbitrary code via the ecmastringbuilderappendraw component in...

9.8CVSS7.8AI score0.01977EPSS
Exploits2References4
ptsecurity
ptsecurity
added 2023/09/19 12:0 a.m.4 views

PT-2023-25431 · Unknown · Jerryscript

Name of the Vulnerable Software and Affected Versions: JerryScript version 3.0 Description: The issue allows remote attackers to execute arbitrary code via the ecma stringbuilder append raw component at /jerry-core/ecma/base/ecma-helpers-string.c. This is a Buffer Overflow vulnerability...

9.8CVSS9.8AI score0.01977EPSS
Exploits2References12
nvd
nvd
added 2023/08/11 2:15 p.m.34 views

CVE-2020-24187

An issue was discovered in ecma-helpers.c in jerryscript version 2.3.0, allows local attackers to cause a denial of service DoS Null Pointer Dereference...

5.5CVSS5.3AI score0.00303EPSS
Exploits1References2
osv
osv
added 2023/08/11 2:15 p.m.18 views

CVE-2020-24187

An issue was discovered in ecma-helpers.c in jerryscript version 2.3.0, allows local attackers to cause a denial of service DoS Null Pointer Dereference...

5.5CVSS6.8AI score
Exploits0References2
prion
prion
added 2023/08/11 2:15 p.m.20 views

Null pointer dereference

An issue was discovered in ecma-helpers.c in jerryscript version 2.3.0, allows local attackers to cause a denial of service DoS Null Pointer Dereference...

1.9CVSS5.2AI score0.00303EPSS
Exploits1References2Affected Software1
cve
cve
added 2023/08/11 12:0 a.m.44 views

CVE-2020-24187

JerryScript CVE-2020-24187 affects ecma-helpers.c in jerryscript 2.3.0. The issue allows a local attacker to trigger a denial of service via a Null Pointer Dereference. Documented impact is local DoS; no patch/version remediation details are provided across the connected sources.

5.5CVSS5.3AI score0.00303EPSS
Exploits1References2Affected Software1
cvelist
cvelist
added 2023/08/11 12:0 a.m.33 views

CVE-2020-24187

An issue was discovered in ecma-helpers.c in jerryscript version 2.3.0, allows local attackers to cause a denial of service DoS Null Pointer Dereference...

5.3AI score0.00303EPSS
Exploits1References2
debiancve
debiancve
added 2023/08/11 12:0 a.m.19 views

CVE-2020-24187

Removed by vendor...

5.5CVSS5.5AI score0.00303EPSS
Exploits1
cnnvd
cnnvd
added 2023/08/11 12:0 a.m.4 views

JerryScript Code Issues Vulnerabilities

JerryScript is a lightweight JavaScript engine from the Jerryscript project. A security vulnerability exists in JerryScript version 2.3.0, which originated from a vulnerability that allows a local attacker to cause a denial of service DoS via ecma-helpers.c. The vulnerability is caused by the use...

5.5CVSS6.4AI score0.00303EPSS
Exploits1References3
Rows per page
Query Builder