15 matches found
EUVD-2022-29788
Malicious code in bioql PyPI...
CVE-2024-25201
Espruino 2v20 commit fcc9ba4 was discovered to contain an Out-of-bounds Read via jsvStringIteratorPrintfCallback at src/jsvar.c...
Out-of-bounds
Espruino 2v20 commit fcc9ba4 was discovered to contain an Out-of-bounds Read via jsvStringIteratorPrintfCallback at src/jsvar.c...
CVE-2024-25201
Espruino 2v20 commit fcc9ba4 was discovered to contain an Out-of-bounds Read via jsvStringIteratorPrintfCallback at src/jsvar.c...
CVE-2024-25201
The CVE-2024-25201 entry concerns Espruino 2v20 (commit fcc9ba4) with an Out-of-bounds Read in the jsvStringIteratorPrintfCallback function located at src/jsvar.c. Public sources in the dataset (NVD, Red Hat, CVE lists, CNNVD, etc.) consistently describe a read past array bounds in this component...
CVE-2024-25201
Espruino 2v20 commit fcc9ba4 was discovered to contain an Out-of-bounds Read via jsvStringIteratorPrintfCallback at src/jsvar.c...
CVE-2022-25465
Espruino 2v11 release was discovered to contain a stack buffer overflow via src/jsvar.c in jsvGetNextSibling...
CVE-2022-25465
Espruino 2v11 release was discovered to contain a stack buffer overflow via src/jsvar.c in jsvGetNextSibling...
CVE-2022-25465
Espruino 2v11 release contains a stack buffer overflow in src/jsvar.c (jsvGetNextSibling). Root cause: a buffer overflow within the JS variable handling path. Documents do not specify exploit vectors, versions beyond 2v11, or concrete remediation; no exploitation details are provided. Remediation...
CVE-2021-46324
Espruino 2v11.251 is affected by a stack buffer overflow in jsvNewFromString (src/jsvar.c). Public records (NVD, CVE-2021-46324) indicate the flaw originates in memory boundary handling within Espruino’s JavaScript interpreter, potentially impacting confidentiality, integrity, and availability (C...
CVE-2021-46324
Espruino 2v11.251 was discovered to contain a stack buffer overflow via src/jsvar.c in jsvNewFromString...
Espruino Buffer Overflow Vulnerability (CNVD-2018-10887)
Espruino is a JavaScript interpreter for use in microcontrollers. A stack buffer overflow vulnerability exists in the jsvar.c file in versions of Espruino prior to 1.99, which stems from a program used to '\detect 0' detecting the wrong array element. An attacker can exploit this vulnerability to...
CVE-2018-11596
Espruino before 1.99 allows attackers to cause a denial of service application crash with a user crafted input file via a Buffer Overflow during syntax parsing because a check for '\0' is made for the wrong array element in jsvar.c...
CVE-2018-11591
Espruino before 1.98 allows attackers to cause a denial of service application crash with a user crafted input file via a NULL pointer dereference during syntax parsing. This was addressed by adding validation for a debug trace print statement in jsvar.c...
CVE-2018-11591
Espruino before version 1.98 is affected by a denial-of-service vulnerability caused by a NULL pointer dereference during syntax parsing when processing a crafted input file. Multiple connected sources confirm that the issue exists in Espruino 1.97 and earlier, and it was mitigated by adding vali...