407 matches found
CVE-2018-1000661
jsish version 2.4.67 contains a CWE-476: NULL Pointer Dereference vulnerability in JsiLogMsg jsiUtils.c:196 that can result in Crash due to segmentation fault. This attack appear to be exploitable via the victim executing specially crafted javascript code. This vulnerability appears to have been...
CVE-2020-23260
An issue found in Jsish v.3.0.11 and before allows an attacker to cause a denial of service via the StringReplaceCmd function in the src/jsiChar.c file...
CVE-2025-65570
A type confusion in jsish 2.0 allows incorrect control flow during execution of the OPNEXT opcode. When an “instanceof” expression uses an array element access as the left-hand operand inside a for-in loop, the instructions implementation leaves an additional array reference on the stack rather...
EUVD-2025-205581
A type confusion in jsish 2.0 allows incorrect control flow during execution of the OPNEXT opcode. When an “instanceof” expression uses an array element access as the left-hand operand inside a for-in loop, the instructions implementation leaves an additional array reference on the stack rather...
CVE-2025-65570
A type confusion in jsish 2.0 allows incorrect control flow during execution of the OPNEXT opcode. When an “instanceof” expression uses an array element access as the left-hand operand inside a for-in loop, the instructions implementation leaves an additional array reference on the stack rather...
CVE-2025-65570
A type confusion in jsish 2.0 allows incorrect control flow during execution of the OPNEXT opcode. When an “instanceof” expression uses an array element access as the left-hand operand inside a for-in loop, the instructions implementation leaves an additional array reference on the stack rather...
CVE-2025-65570
A type confusion in jsish 2.0 allows incorrect control flow during execution of the OPNEXT opcode. When an “instanceof” expression uses an array element access as the left-hand operand inside a for-in loop, the instructions implementation leaves an additional array reference on the stack rather...
Jsish 安全漏洞
Jsish is a small JavaScript parser written in C with a built-in database by the pcmacdon individual developer. A security vulnerability exists in Jsish version 2.0 that stems from type confusion and could lead to a crash or code execution...
CVE-2025-65570
CVE-2025-65570 describes a type confusion in jsish 2.0 where, inside a for-in loop, an array element access used as the left-hand operand in an instanceof expression leaves an extra array reference on the stack. When OP_NEXT runs, it may treat the array as an iterator object and read an invalid f...
PT-2025-53725
A type confusion in jsish 2.0 allows incorrect control flow during execution of the OP NEXT opcode. When an “instanceof” expression uses an array element access as the left-hand operand inside a for-in loop, the instructions implementation leaves an additional array reference on the stack rather...
EUVD-2020-16009
Malware in sbrugna...
EUVD-2020-15631
Malware in sbrugna...
EUVD-2018-1991
Malware in sbrugna...
EUVD-2019-1922
Malware in sbrugna...
EUVD-2019-1907
Malware in sbrugna...
EUVD-2018-1997
Malware in sbrugna...
EUVD-2018-1986
Malware in sbrugna...
EUVD-2019-1914
Malware in sbrugna...
EUVD-2020-16011
Malware in sbrugna...
EUVD-2020-15663
Malware in sbrugna...