PT-2026-21401

Name of the Vulnerable Software and Affected Versions yt-dlp versions prior to 2026.02.21 Description The --netrc-cmd option in yt-dlp contains an arbitrary command injection issue. The argument passed to the command in this option is now limited to a safe subset of characters to address this. Th...

Exploit for CVE-2024-28397

CodeTwoRCEExploit This script incorporates authentication to a...

CVE-2020-1915

An out-of-bounds read in the JavaScript Interpreter in Facebook Hermes prior to commit 8cb935cd3b2321c46aa6b7ed8454d95c75a7fca0 allows attackers to cause a denial of service attack or possible further memory corruption via crafted JavaScript. Note that this is only exploitable if the application...

Exploit for CVE-2024-28397

Introduction 中文 Analysis Chinese./an...

SUSE CVE-2005-1159

The native implementations of InstallTrigger and other functions in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 do not properly verify the types of objects being accessed, which causes the Javascript interpreter to continue execution at the wrong memory address, which may allow attackers ...

Fedora: Security Advisory for mujs (FEDORA-2022-c4b56e4400)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] [DSA 5291-1] mujs security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5291-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 28, 2022 https://www.debian.org/security/faq -...

Out-of-bounds Read in Facebook Hermes

An out-of-bounds read in the JavaScript Interpreter in Facebook Hermes prior to commit 8cb935cd3b2321c46aa6b7ed8454d95c75a7fca0 allows attackers to cause a denial of service attack or possible further memory corruption via crafted JavaScript. Note that this is only exploitable if the application...

GHSA-GMPM-XP43-F7G6 Signed to Unsigned Conversion Error in Facebook Hermes

An Integer signedness error in the JavaScript Interpreter in Facebook Hermes prior to commit 2c7af7ec481ceffd0d14ce2d7c045e475fd71dc6 allows attackers to cause a denial of service attack or a potential RCE via crafted JavaScript. Note that this is only exploitable if the application using Hermes...

Signed to Unsigned Conversion Error in Facebook Hermes

An Integer signedness error in the JavaScript Interpreter in Facebook Hermes prior to commit 2c7af7ec481ceffd0d14ce2d7c045e475fd71dc6 allows attackers to cause a denial of service attack or a potential RCE via crafted JavaScript. Note that this is only exploitable if the application using Hermes...

Artifex Software Artifex MuJS Denial of Service Vulnerability (CNVD-2022-70081)

Artifex Software Artifex MuJS is a lightweight JavaScript interpreter from Artifex Software, Inc. that is used to embed into other software to provide script execution functionality.Artifex Software Artifex MuJS version 1.2.0 and earlier versions are vulnerable to denial of service vulnerability,...

Artifex Software Artifex MuJS 安全漏洞

Artifex Software Artifex MuJS is a lightweight JavaScript interpreter from Artifex Software, Inc. that is used to embed into other software to provide script execution functionality.Artifex Software Artifex MuJS version 1.2.0 and earlier versions are vulnerable to denial of service vulnerability,...

Artifex MuJS 代码问题漏洞

Artifex Software Artifex MuJS is a lightweight JavaScript interpreter from Artifex Software, which is used to embed into other software to provide script execution functionality. vulnerability, which stems from the existence of a null pointer dereference in jsPdumpsyntax in jsdump.c. An attacker...

Espruino Buffer Overflow Vulnerability (CNVD-2022-20168)

Espruino is a JavaScript interpreter. It is designed for devices with only 128kB flash and 8kB RAM. espruino 2v11 has a security vulnerability that stems from src/jsvar.c containing a stack buffer overflow. No details of the vulnerability are currently available...

Espruino Buffer Overflow Vulnerability (CNVD-2022-20169)

Espruino is a JavaScript interpreter. It is designed for devices with only 128kB of flash memory and 8kB of RAM. espruino has a security vulnerability that stems from src/jsvar.c containing a stack buffer overflow. No details of the vulnerability are currently available...

Espruino has unspecified vulnerabilities

Espruino is a JavaScript interpreter. It is designed for devices with only 128kB flash memory and 8kB RAM.A security vulnerability exists in Espruino, which stems from the fact that Espruino 2v11.251 was found to contain a SEGV vulnerability via src jsinteractivec in jsiGetDeviceFromClass. No...

Espruino Buffer Overflow Vulnerability (CNVD-2022-08365)

Espruino is a JavaScript interpreter. It is designed for devices with only 128kB flash and 8kB RAM.Espruino is vulnerable to a buffer overflow vulnerability in version 2.10.246, which stems from a boundary error in vcbprintf via src jsutils.c when handling untrusted input. A remote attacker could...

Espruino 缓冲区错误漏洞

Espruino is a JavaScript interpreter. It is designed for devices with only 128kB of flash memory and 8kB of RAM. A buffer error vulnerability exists in Espruino, which stems from the failure of jsvNewFromString in the product src/jsvar.c file to properly handle memory boundaries. The following...

[SECURITY] Fedora 31 Update: mujs-1.0.9-1.fc31

MuJS is a lightweight Javascript interpreter designed for embedding in other software to extend them with scripting capabilities...

Fedora: Security Advisory for mujs (FEDORA-2020-f3d08b9b3a)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...