4433 matches found
Facebook Hermes 安全漏洞
Facebook Hermes is a JavaScript engine from Facebook Inc. in the United States. The engine is targeted at React Native applications to improve the performance of mobile client application apps, but not for server-side infrastructures such as browsers & Node.js. A security vulnerability exists in...
CVE-2022-38475
An attacker could have written a value to the first element in a zero-length JavaScript array. Although the array was zero-length, the value was not written to an invalid memory address. This vulnerability affects Firefox 104...
DEBIAN-CVE-2022-2158
Type confusion in V8 in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2022-2205
Unknown description...
CVE-2022-36320
Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 102. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 103...
UBUNTU-CVE-2022-1486
Type confusion in V8 in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...
CVE-2021-33449
An issue was discovered in mjs mJS: Restricted JavaScript engine, ES6 JavaScript version 6. There is NULL pointer dereference in mjsbcodepartgetbyoffset in mjs.c...
CVE-2021-33449
An issue was discovered in mjs mJS: Restricted JavaScript engine, ES6 JavaScript version 6. There is NULL pointer dereference in mjsbcodepartgetbyoffset in mjs.c...
CVE-2021-33443
An issue was discovered in mjs mJS: Restricted JavaScript engine, ES6 JavaScript version 6. There is stack buffer overflow in mjsexecute in mjs.c...
Null pointer dereference
An issue was discovered in mjs mJS: Restricted JavaScript engine, ES6 JavaScript version 6. There is NULL pointer dereference in mjsprint in mjs.c...
Null pointer dereference
An issue was discovered in mjs mJS: Restricted JavaScript engine, ES6 JavaScript version 6. There is NULL pointer dereference in getpropbuiltinforeign in mjs.c...
CVE-2021-33443
The CVE-2021-33443 entry concerns Cesanta MJS (mJS), the restricted JavaScript engine. The exposed flaw is a stack buffer overflow in the function mjs_execute() within mjs.c. Multiple connected sources (NVD, Red Hat CVE page, OSV, CVE records) consistently describe this same issue across the mJS ...
CVE-2021-33446
CVE-2021-33446 affects Cesanta’s mJS embedded JavaScript engine (mJS/mjs.c). The issue is a NULL pointer dereference in function mjs_next(), leading to a potential crash. Public documentation in the NVD entry notes a MEDIUM base CVSS score (AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) with LOCAL attack v...
CVE-2021-33447
CVE-2021-33447 affects Cesanta’s embedded JavaScript engine mJS (mJS) with a NULL pointer dereference in function mjs_print() of file mjs.c . Multiple connected sources (NVD, Red Hat CNS, OSV, CVE catalogs) confirm the issue, described as a NULL pointer dereference in mjs_print(). Impact details ...
CVE-2021-33449
CVE-2021-33449 affects the Cesanta mJS embedded JavaScript engine (mJS) — specifically the mjs_bcode_part_get_by_offset() function in mjs.c, where a NULL pointer dereference is reported. The entry notes a local attack vector with the vulnerability potentially causing an availability impact (crash...
CVE-2021-33442
An issue was discovered in mjs mJS: Restricted JavaScript engine, ES6 JavaScript version 6. There is NULL pointer dereference in jsonprintf in mjs.c...
CVE-2021-33441
The CVE-2021-33441 issue affects Cesanta mJS (mjs.c) in the mJS restricted JavaScript engine. A NULL pointer dereference in exec_expr() is reported, leading to potential crashes (availability impact). The connected records confirm the vulnerability across multiple sources (NVD/Red Hat/Open Source...
CVE-2021-33439
CVE-2021-33439 describes an integer overflow in the mjs (mJS: Restricted JavaScript engine) project, specifically in the function gc_compact_strings() within mjs.c. The vulnerability affects the embedded JavaScript engine used in ES6 contexts and is documented across multiple sources (NVD, Red Ha...
CVE-2021-33438
CVE-2021-33438 : An issue in the mjs (mJS: Restricted JavaScript engine) ES6 engine has a stack buffer overflow in the function json_parse_array() within mjs.c. The vulnerability is documented across multiple feeds (NVD/Red Hat/EUVD/OSV etc.). The vulnerability is described without public exploit...
Cesanta MJS 代码问题漏洞
Cesanta MJS is an embedded JavaScript engine for C/C++ from Cesanta Ireland. It is designed for microcontrollers with limited resources. The main design goals are a small footprint and simple C/C++ interoperability. A security vulnerability exists in Cesanta MJS mJS: Restricted JavaScript engine...