16 matches found
CVE-2026-41197
Noir is a Domain Specific Language for SNARK proving systems that is designed to use any ACIR compatible proving system, and Brillig is the bytecode ACIR uses for non-determinism. Noir programs can invoke external functions through foreign calls. When compiling to Brillig bytecode, the SSA...
CVE-2026-41197
Noir is a Domain Specific Language for SNARK proving systems that is designed to use any ACIR compatible proving system, and Brillig is the bytecode ACIR uses for non-determinism. Noir programs can invoke external functions through foreign calls. When compiling to Brillig bytecode, the SSA...
CVE-2026-41197 Brillig: Heap corruption in foreign call results with nested tuple arrays
Noir is a Domain Specific Language for SNARK proving systems that is designed to use any ACIR compatible proving system, and Brillig is the bytecode ACIR uses for non-determinism. Noir programs can invoke external functions through foreign calls. When compiling to Brillig bytecode, the SSA...
CVE-2026-41197
Noir is a Domain Specific Language for SNARK proving systems that is designed to use any ACIR compatible proving system, and Brillig is the bytecode ACIR uses for non-determinism. Noir programs can invoke external functions through foreign calls. When compiling to Brillig bytecode, the SSA...
CVE-2026-41197
CVE-2026-41197 concerns Brillig/Noir: a bug in allocate_foreign_call_result_array when handling nested arrays (e.g., [(u32,u32);3]) during foreign calls. The code discards inner element types and uses the semantic length of the nested array, yielding under-allocation of semi-flattened size for co...
Noir 安全漏洞
Noir is an open-source domain-specific language developed by noir-lang, used for SNARK proofs. Versions of Noir prior to 1.0.0-beta.19 contained a security vulnerability, caused by a nested array memory allocation error, which could lead to damage to the Brillig VM heap...
GHSA-JJ7C-X25R-R8R3 Brillig: Heap corruption in foreign call results with nested tuple arrays
Description Noir programs can invoke external functions through foreign calls. When compiling to Brillig bytecode, the SSA instructions are processed block-by-block in BrilligBlock::compileblock. When the compiler encounters an Instruction::Call with a Value::ForeignFunction target, it invokes...
Malicious code in kestrel_h4008_qgrcu_noir (npm)
The package kestrelh4008qgrcunoir was found to contain malicious code...
Malicious code in noir_wy1pj_4hzbb_night (npm)
The package noirwy1pj4hzbbnight was found to contain malicious code...
en-noir-et-blanc.com XSS vulnerability
Open Bug Bounty ID: OBB-715745 Description| Value ---|--- Affected Website:| en-noir-et-blanc.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:|...
pabo.be XSS vulnerability
Open Bug Bounty ID: OBB-673818 Description| Value ---|--- Affected Website:| pabo.be Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
CM Browser SOP Bypass
Vulnerability: CM Browser Same Origin Policy Bypass Impact: High/Critical Authors: Rafay Baloch Company: RHAinfoSEC Website: http://rhainfosec.com & http://rafayhackingarticles.net Introduction Same Origin Policy SOP is one of the most important security mechanisms that are applied in modern...
PHP Director 0.2 - SQL Injection
No description provided by source. Exploit Title: PHP Director 0.2 Sql Injection. Date: 05/06/2010 Author: Mr.Rat [email protected] Software Link: www.phpdirector.co.uk Version: 0.2 Tested on: Windows Xp SP2 Code :...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in Portail Web Php 2.5.1.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the sitepath parameter to 1 Vert/index.php, 2 Noir/index.php, and 3 Bleu/index.php in template/, different vectors than CVE-2008-0645...
CVE-2007-1957
Multiple PHP remote file inclusion vulnerabilities in Guernion Sylvain Portail Web Php aka Gsylvain35 Portail Web, PwP allow remote attackers to execute arbitrary PHP code via a URL in the pageAll parameter to index.php in 1 template/Vert/, or 2 template/Noir/...
Solaris dtspcd Heap Overflow
This is a port of noir's dtspcd exploit. This module should work against any vulnerable version of Solaris 8 sparc. The original exploit code was published in the book Shellcoder's Handbook. This module requires Metasploit: https://metasploit.com/download Current source:...