Lucene search
K

16 matches found

RedhatCVE
RedhatCVE
added 2026/04/25 7:22 a.m.7 views

CVE-2026-41197

Noir is a Domain Specific Language for SNARK proving systems that is designed to use any ACIR compatible proving system, and Brillig is the bytecode ACIR uses for non-determinism. Noir programs can invoke external functions through foreign calls. When compiling to Brillig bytecode, the SSA...

9.3CVSS5.3AI score0.00395EPSS
Exploits0References1
NVD
NVD
added 2026/04/23 2:16 a.m.5 views

CVE-2026-41197

Noir is a Domain Specific Language for SNARK proving systems that is designed to use any ACIR compatible proving system, and Brillig is the bytecode ACIR uses for non-determinism. Noir programs can invoke external functions through foreign calls. When compiling to Brillig bytecode, the SSA...

9.3CVSS0.00395EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/23 12:35 a.m.3 views

CVE-2026-41197 Brillig: Heap corruption in foreign call results with nested tuple arrays

Noir is a Domain Specific Language for SNARK proving systems that is designed to use any ACIR compatible proving system, and Brillig is the bytecode ACIR uses for non-determinism. Noir programs can invoke external functions through foreign calls. When compiling to Brillig bytecode, the SSA...

9.3CVSS5.7AI score0.00395EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/23 12:35 a.m.4 views

CVE-2026-41197

Noir is a Domain Specific Language for SNARK proving systems that is designed to use any ACIR compatible proving system, and Brillig is the bytecode ACIR uses for non-determinism. Noir programs can invoke external functions through foreign calls. When compiling to Brillig bytecode, the SSA...

9.3CVSS5.7AI score0.00395EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/04/23 12:35 a.m.16 views

CVE-2026-41197

CVE-2026-41197 concerns Brillig/Noir: a bug in allocate_foreign_call_result_array when handling nested arrays (e.g., [(u32,u32);3]) during foreign calls. The code discards inner element types and uses the semantic length of the nested array, yielding under-allocation of semi-flattened size for co...

9.3CVSS5.7AI score0.00395EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/23 12:0 a.m.9 views

Noir 安全漏洞

Noir is an open-source domain-specific language developed by noir-lang, used for SNARK proofs. Versions of Noir prior to 1.0.0-beta.19 contained a security vulnerability, caused by a nested array memory allocation error, which could lead to damage to the Brillig VM heap...

9.3CVSS5.8AI score0.00395EPSS
Exploits0References2
OSV
OSV
added 2026/04/21 8:16 p.m.9 views

GHSA-JJ7C-X25R-R8R3 Brillig: Heap corruption in foreign call results with nested tuple arrays

Description Noir programs can invoke external functions through foreign calls. When compiling to Brillig bytecode, the SSA instructions are processed block-by-block in BrilligBlock::compileblock. When the compiler encounters an Instruction::Call with a Value::ForeignFunction target, it invokes...

9.3CVSS5.8AI score0.00395EPSS
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/05 5:10 p.m.3 views

Malicious code in kestrel_h4008_qgrcu_noir (npm)

The package kestrelh4008qgrcunoir was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.0 views

Malicious code in noir_wy1pj_4hzbb_night (npm)

The package noirwy1pj4hzbbnight was found to contain malicious code...

7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/12/30 12:27 a.m.6 views

en-noir-et-blanc.com XSS vulnerability

Open Bug Bounty ID: OBB-715745 Description| Value ---|--- Affected Website:| en-noir-et-blanc.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:|...

0.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/09/06 10:29 p.m.8 views

pabo.be XSS vulnerability

Open Bug Bounty ID: OBB-673818 Description| Value ---|--- Affected Website:| pabo.be Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.2AI score
Exploits0
Packet Storm
Packet Storm
added 2014/09/16 12:0 a.m.32 views

CM Browser SOP Bypass

Vulnerability: CM Browser Same Origin Policy Bypass Impact: High/Critical Authors: Rafay Baloch Company: RHAinfoSEC Website: http://rhainfosec.com & http://rafayhackingarticles.net Introduction Same Origin Policy SOP is one of the most important security mechanisms that are applied in modern...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.23 views

PHP Director 0.2 - SQL Injection

No description provided by source. Exploit Title: PHP Director 0.2 Sql Injection. Date: 05/06/2010 Author: Mr.Rat [email protected] Software Link: www.phpdirector.co.uk Version: 0.2 Tested on: Windows Xp SP2 Code :...

7.1AI score
Exploits0
Prion
Prion
added 2008/02/28 9:44 p.m.23 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Portail Web Php 2.5.1.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the sitepath parameter to 1 Vert/index.php, 2 Noir/index.php, and 3 Bleu/index.php in template/, different vectors than CVE-2008-0645...

6.8CVSS7.8AI score0.34266EPSS
Exploits2References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2007/04/11 1:19 a.m.3 views

CVE-2007-1957

Multiple PHP remote file inclusion vulnerabilities in Guernion Sylvain Portail Web Php aka Gsylvain35 Portail Web, PwP allow remote attackers to execute arbitrary PHP code via a URL in the pageAll parameter to index.php in 1 template/Vert/, or 2 template/Noir/...

6.8CVSS6.2AI score0.01343EPSS
Exploits0References4
Metasploit
Metasploit
added 2005/12/27 5:47 a.m.23 views

Solaris dtspcd Heap Overflow

This is a port of noir's dtspcd exploit. This module should work against any vulnerable version of Solaris 8 sparc. The original exploit code was published in the book Shellcoder's Handbook. This module requires Metasploit: https://metasploit.com/download Current source:...

10CVSS0.3AI score0.85564EPSS
Exploits7
Rows per page
Query Builder