Lucene search
+L

105 matches found

CNNVD
CNNVD
added 2022/01/20 12:0 a.m.6 views

JerryScript 安全漏洞

JerryScript, a lightweight JavaScript engine from the JerryScript project, is vulnerable in JerryScript 3.0.0, which originates in /base/ecma-helpers.cecmagetlexenvtype An assertion ecmaislexicalenvironment objectp fails at /base/ecma-helpers.c ecmagetlexenvtype. No detailed vulnerability details...

5.5CVSS5.5AI score0.00658EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2021/09/20 12:0 a.m.7 views

The vulnerability of the `ecma_is_lexical_environment` function in the `ecma-helpers.c` component of the JavaScript engine for Things.js and the IoT.js platform, related to memory management after its deallocation, allows a attacker to cause a service failure.

The vulnerability of the ecmaislexicalenvironment function in the ecma-helpers.c component of the JavaScript engine for Things.js and the IoT.js platform is related to the use of memory after it is released. Exploiting this vulnerability could allow an attacker to cause a service failure...

6.5CVSS6.5AI score0.00937EPSS
Exploits1References4Affected Software2
Github Security Blog
Github Security Blog
added 2021/08/25 8:58 p.m.31 views

Data races in lexer

lexer is a plugin based lexical reader.Affected versions of this crate implements Sync for ReaderResult with the trait bound T: Send, E: Send. Since matching on the public enum ReaderResult provides access to &T & &E, allowing data race to a non-Sync type T or E. This can result in a memory...

8.1CVSS8AI score0.00833EPSS
Exploits1References5Affected Software1
CNVD
CNVD
added 2021/06/12 12:0 a.m.9 views

Unspecified Vulnerability in JerryScript (CNVD-2021-43002)

JerryScript is a lightweight JavaScript engine . An unspecified vulnerability exists in ecmaislexicalenvironment in ecma-helpers.c in JerryScript version 2.4.0. No detailed vulnerability details are provided at this time...

6.5CVSS6.7AI score0.00937EPSS
Exploits1References1
NVD
NVD
added 2021/06/10 11:15 p.m.15 views

CVE-2021-26194

An issue was discovered in JerryScript 2.4.0. There is a heap-use-after-free in ecmaislexicalenvironment in the ecma-helpers.c file...

6.5CVSS0.00937EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/06/10 12:0 a.m.7 views

JerryScript 资源管理错误漏洞

JerryScript is a lightweight JavaScript engine . An unspecified vulnerability exists in ecmaislexicalenvironment in ecma-helpers.c in JerryScript version 2.4.0. No detailed vulnerability details are provided at this time...

6.5CVSS5.5AI score0.00937EPSS
Exploits1References1
Microsoft KB
Microsoft KB
added 2020/04/13 4:8 a.m.69 views

MS15-022: Description of the security update for SharePoint Server 2013: March 10, 2015

Resolves vulnerabilities in Microsoft Office that could allow remote code execution if an attacker convinces a user to open or preview a specially crafted Microsoft Word file in an affected version of Office.IntroductionThis security update resolves vulnerabilities in Microsoft Office that could...

7.6AI score
Exploits0
OSV
OSV
added 2019/08/16 4:15 p.m.27 views

CVE-2019-5477

A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess via Ruby's Kernel.open method. Processes are vulnerable only if the undocumented method Nokogiri::CSS::Tokenizerloadfile is being called with unsafe user input as the filename. This...

9.8CVSS9.6AI score
Exploits0References8
FreeBSD
FreeBSD
added 2019/08/11 12:0 a.m.32 views

Nokogiri -- injection vulnerability

Nokogiri GitHub release: A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess by Ruby's Kernel.open method. Processes are vulnerable only if the undocumented method Nokogiri::CSS::Tokenizerloadfile is being passed untrusted user input...

9.8CVSS2.9AI score0.05899EPSS
Exploits0References2
CNVD
CNVD
added 2018/07/24 12:0 a.m.3 views

THULAC Buffer Out-of-Bounds Read Vulnerability

THULAC is a Chinese lexical analysis toolkit introduced by the Natural Language Processing and Social Humanities Computing Laboratory of Tsinghua University, which supports Chinese word segmentation and lexical annotation functions. The 'NGramFeature::findbases ' function in the...

9.8CVSS9.3AI score0.01753EPSS
Exploits1References1
Fedora
Fedora
added 2016/12/10 2:52 a.m.33 views

[SECURITY] Fedora 23 Update: flex-2.6.0-2.fc23

The flex program generates scanners. Scanners are programs which can recognize lexical patterns in text. Flex takes pairs of regular expressions and C code as input and generates a C source file as output. The output file is compiled and linked with a library to produce an executable. The...

9.8CVSS1.9AI score0.08767EPSS
Exploits0
Fedora
Fedora
added 2016/08/08 8:35 p.m.44 views

[SECURITY] Fedora 24 Update: flex-2.6.0-2.fc24

The flex program generates scanners. Scanners are programs which can recognize lexical patterns in text. Flex takes pairs of regular expressions and C code as input and generates a C source file as output. The output file is compiled and linked with a library to produce an executable. The...

9.8CVSS1.9AI score0.08767EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2015/10/30 9:29 a.m.17 views

CVE-2006-0459

flex.skl in Will Estes and John Millaway Fast Lexical Analyzer Generator flex before 2.5.33 does not allocate enough memory for grammars containing 1 REJECT statements or 2 trailing context rules, which causes flex to generate code that contains a buffer overflow that might allow context-dependen...

7.5CVSS8.2AI score0.04769EPSS
Exploits0References2
myhack58
myhack58
added 2014/09/28 12:0 a.m.253 views

From the parsing perspective analysis of the Shellshock Vulnerability[CVE-2 0 1 4-6 2 7 1]-vulnerability warning-the black bar safety net

Author: yaoxi Documentation This time, we combined The poc analysis to know about the Bash syntax rules, from another angle to help everyone better understand the bash and the shellshock vulnerability. Vulnerability description CVE-2 0 1 4-6 2 7 1 vulnerability is Stéphane Hassles France found th...

10CVSS10AI score0.99999EPSS
Exploits132
Tenable Nessus
Tenable Nessus
added 2010/09/01 12:0 a.m.17 views

Fedora 13 : socat-1.7.1.3-1.fc13 (2010-13412)

This resolves CVE-2010-2799 Socat: Stack overflow by lexical scanning of nested character patterns Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...

6.8CVSS5.4AI score0.02752EPSS
Exploits0References3
Prion
Prion
added 2010/02/12 10:30 p.m.11 views

Security feature bypass

Unspecified vulnerability in Fast Lexical Analyzer Generator flex before 2.5.35 has unknown impact and attack vectors...

7.5CVSS7.1AI score0.0105EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2010/02/12 10:30 p.m.4 views

CVE-2010-0634

Unspecified vulnerability in Fast Lexical Analyzer Generator flex before 2.5.35 has unknown impact and attack vectors...

6.8AI score
Exploits0References2
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.16 views

Debian: Security Advisory (DSA-1634-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.7AI score0.04429EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2008/09/05 12:0 a.m.25 views

Debian DSA-1634-1 : wordnet - stack and heap overflows

Rob Holland discovered several programming errors in WordNet, an electronic lexical database of the English language. These flaws could allow arbitrary code execution when used with untrusted input, for example when WordNet is in use as a back end for a web application. %NASLMINLEVEL 70300 C...

10CVSS6.2AI score0.04429EPSS
Exploits2References4
NVD
NVD
added 2006/03/29 11:2 p.m.26 views

CVE-2006-0459

flex.skl in Will Estes and John Millaway Fast Lexical Analyzer Generator flex before 2.5.33 does not allocate enough memory for grammars containing 1 REJECT statements or 2 trailing context rules, which causes flex to generate code that contains a buffer overflow that might allow context-dependen...

7.5CVSS7.6AI score0.04769EPSS
Exploits0References14
Rows per page
Query Builder