13 matches found
PT-2026-43999
An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote attacker to execute arbitrary code via the htdocs/cron/class/cronjob.class.php, call_user_func_array in function job type...
GHSA-6R9F-759J-HJGV SandboxJS affected by a Sandbox Escape
Summary: It is possible to obtain arrays containing Function, which allows escaping the sandbox. Details: There are various ways to get an array containing Function, e.g. Object.entries(this).at(1) // [ 'Function', [Function: Function] ] Object.values(this).slice(1, 2) // [ [Function: Function] ] Given an array...
PT-2026-25322
Summary: It is possible to obtain arrays containing Function, which allows escaping the sandbox. Details: There are various ways to get an array containing Function, e.g. Object.entries(this).at(1) // [ 'Function', [Function: Function] ] Object.values(this).slice(1, 2) // [ [Function: Function] ] Given an array...
CVE-2026-29091
Locutus brings stdlibs of other programming languages to JavaScript for educational purposes. Prior to version 3.0.0, a remote code execution (RCE) flaw was discovered in the locutus project, specifically within the call_user_func_array function implementation. The vulnerability allows an attacker to...
EUVD-2023-59732
Malicious code in bioql PyPI...
CVE-2020-19668
Unverified indexes into the array lead to out-of-bounds access in the gif_out_code function in fromgif.c in libsixel 1.8.6...
libvirt: Memory leak in virPCIVirtualFunctionList cleanup
A vulnerability was found in libvirt. This security flaw occurs due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's g_autoptr cleanup...
AZL-26736 CVE-2023-2700 affecting package libvirt for versions less than 7.10.0-5
A vulnerability was found in libvirt. This security flaw occurs due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's g_autoptr cleanup...
SUSE-SU-2022:0134-2 Security update for python-numpy
This update for python-numpy fixes the following issues: - CVE-2021-33430: Fixed buffer overflow that could lead to DoS in PyArray_NewFromDescr_int function of ctors.c (bsc#1193913). - CVE-2021-41496: Fixed buffer overflow that could lead to DoS in array_from_pyobj function of fortranobject.c (bsc#1193907)...
Type confusion
This affects versions before 1.19.1 of package bootstrap-table. A type confusion vulnerability can lead to a bypass of input sanitization when the input provided to the escapeHTML function is an array instead of a string, even if the escape attribute is set...
Design/Logic Flaw
Cryptocat before 2.0.22: Cryptocat.random Function Array Key has Entropy Weakness...
Mambo Component zOOm Media Gallery <= 2.5 Beta 2 RFI Vulnerabilities
Exploit for unknown platform in category web applications. Mambo Component zOOm Media Gallery array , "getMakernoteTextValue" = array , "InterpretMakernotetoHTML" = array ; // Include the Main TIFF and EXIF Tags array...
Mambo Component zOOm Media Gallery 2.5 Beta 2 - Remote File Inclusion
iskorpitx@metlak from TURKEY comzoom file include / // Create the Makernote Parser and Interpreter Function Array $GLOBALS'MakernoteFunctionArray' = array "ReadMakernoteTag" = array , "getMakernoteTextValue" = array , "InterpretMakernotetoHTML" = array ; // Include the Main TIFF and EXIF Tags arr...