CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

783 matches found

OSV•added 2020/07/21 3:15 p.m.•15 views

CVE-2020-15866

mruby through 2.1.2-rc has a heap-based buffer overflow in the mrbyieldwithclass function in vm.c because of incorrect VM stack handling. It can be triggered via the stackcopy function...

9.8CVSS7.6AI score

Exploits0References2

OSV•added 2020/07/21 3:15 p.m.•0 views

DEBIAN-CVE-2020-15866

mruby through 2.1.2-rc has a heap-based buffer overflow in the mrbyieldwithclass function in vm.c because of incorrect VM stack handling. It can be triggered via the stackcopy function...

9.8CVSS8.8AI score0.00652EPSS

Exploits1References1

OSV•added 2020/07/21 3:15 p.m.•0 views

UBUNTU-CVE-2020-15866

mruby through 2.1.2-rc has a heap-based buffer overflow in the mrbyieldwithclass function in vm.c because of incorrect VM stack handling. It can be triggered via the stackcopy function...

9.8CVSS6.1AI score0.00652EPSS

Exploits1References4

Prion•added 2020/07/21 3:15 p.m.•17 views

Heap overflow

mruby through 2.1.2-rc has a heap-based buffer overflow in the mrbyieldwithclass function in vm.c because of incorrect VM stack handling. It can be triggered via the stackcopy function...

7.5CVSS9.6AI score0.00652EPSS

Exploits1References2Affected Software2

UbuntuCve•added 2020/07/21 3:15 p.m.•24 views

CVE-2020-15866

mruby through 2.1.2-rc has a heap-based buffer overflow in the mrbyieldwithclass function in vm.c because of incorrect VM stack handling. It can be triggered via the stackcopy function...

9.8CVSS7.4AI score0.00652EPSS

Exploits1References3

AlpineLinux•added 2020/07/21 2:54 p.m.•36 views

CVE-2020-15866

mruby through 2.1.2-rc has a heap-based buffer overflow in the mrbyieldwithclass function in vm.c because of incorrect VM stack handling. It can be triggered via the stackcopy function...

9.8CVSS9.8AI score0.00652EPSS

Exploits1

CVE•added 2020/07/21 2:54 p.m.•75 views

CVE-2020-15866

CVE-2020-15866 affects mruby up to version 2.1.2-rc, due to a heap-based buffer overflow in the mrb_yield_with_class function in vm.c caused by incorrect VM stack handling. The overflow can be triggered via the stack_copy path. This vulnerability is classified with very high severity (CVSSv3.1: C...

9.8CVSS9.6AI score0.00652EPSS

Exploits1References2Affected Software1

Cvelist•added 2020/07/21 2:54 p.m.•14 views

CVE-2020-15866

mruby through 2.1.2-rc has a heap-based buffer overflow in the mrbyieldwithclass function in vm.c because of incorrect VM stack handling. It can be triggered via the stackcopy function...

9.7AI score0.00652EPSS

Exploits1References2

RubySec•added 2020/07/21 12:0 a.m.•12 views

Heap buffer overflow in mruby interpreter

muby through 2.1.2-rc has a heap-based buffer overflow in the mrbyieldwithclass function in vm.c because of incorrect VM stack handling. It can be triggered via the stackcopy function...

9.8CVSS7.2AI score0.00652EPSS

Exploits1References1Affected Software1

ossfuzz•added 2020/06/30 7:49 a.m.•13 views

mruby:mruby_proto_fuzzer: Heap-double-free in mrb_default_allocf

Project: https://github.com/mruby/mruby.git Detailed Report: https://oss-fuzz.com/testcase?key=4894663076216832 Project: mruby Fuzzing Engine: honggfuzz Fuzz Target: mrubyprotofuzzer Job Type: honggfuzzasanmruby Platform Id: linux Crash Type: Heap-double-free Crash Address: 0x60300001c8a0 Crash...

6.4AI score

Exploits0Affected Software1

ossfuzz•added 2020/05/26 10:47 a.m.•15 views

mruby:mruby_fuzzer: Stack-buffer-overflow in fmt_setup

Project: https://github.com/mruby/mruby.git Detailed Report: https://oss-fuzz.com/testcase?key=5085564041953280 Project: mruby Fuzzing Engine: honggfuzz Fuzz Target: mrubyfuzzer Job Type: honggfuzzasanmruby Platform Id: linux Crash Type: Stack-buffer-overflow WRITE 1 Crash Address: 0x7ffe4fea3241...

6.8AI score

Exploits0Affected Software1

Tenable Nessus•added 2020/03/26 12:0 a.m.•28 views

openSUSE Security Update : nghttp2 (openSUSE-2020-379)

This update for nghttp2 fixes the following issues : nghttp2 was update to version 1.40.0 bsc1166481 - lib: Add nghttp2checkauthority as public API - lib: Fix the bug that stream is closed with wrong error code - lib: Faster huffman encoding and decoding - build: Avoid filename collision of stati...

9.8CVSS7.3AI score0.00045EPSS

Exploits1References3

CNVD•added 2020/01/13 12:0 a.m.•1 views

mruby memory misreference vulnerability

mruby is a lightweight implementation of the Ruby language that conforms to a portion of the ISO standard. A post-release reuse vulnerability exists in mruby 2.1.0 in mrbgems/mruby-hash-ext/src/hash-ext.c in hashslice. No detailed vulnerability details are provided at this time...

9.8CVSS6.9AI score0.00418EPSS

Exploits1References1

CNVD•added 2020/01/13 12:0 a.m.•1 views

mruby stack buffer overflow vulnerability

mruby is a lightweight implementation of the Ruby language that conforms to a portion of the ISO standard. A stack buffer overflow vulnerability exists in mrbstrlentodbl in string.c in mruby 2.1.0. No detailed vulnerability details are provided at this time...

9.8CVSS7.3AI score0.00512EPSS

Exploits1References1

CNVD•added 2020/01/13 12:0 a.m.•1 views

mruby memory misreference vulnerability (CNVD-2020-10638)

mruby is a lightweight implementation of the Ruby language that conforms to a portion of the ISO standard. A security vulnerability exists in mruby 2.1.0 in mrbgems/mruby-hash-ext/src/hash-ext.c in hashvaluesat. No details of the vulnerability are provided at this time...

9.8CVSS6.8AI score0.00418EPSS

Exploits1References1