159 matches found

OSV
added 2025/10/16 4:15 p.m., 1 view

UBUNTU-CVE-2025-62490

In quickjs, in js_print_object, when printing an array, the function first fetches the array length and then loops over it. The issue is, printing a value is not side-effect free. An attacker-defined callback could run during js_print_value, during which the array could get resized and len1 become ou...

CVSS 8.8 | AI score 5.8 | EPSS 0.00028
Exploits: 1 | References: 4
OSV
added 2025/10/16 4:15 p.m., 3 views

UBUNTU-CVE-2025-62495

An integer overflow vulnerability exists in the QuickJS regular expression engine (libregexp) due to an inconsistent representation of the bytecode buffer size. The regular expression bytecode is stored in a DynBuf structure, which correctly uses a size_t, an unsigned type, typically...

CVSS 8.8 | AI score 6.1 | EPSS 0.00028
Exploits: 1 | References: 4
Cvelist
added 2025/10/16 3:52 p.m., 7 views

CVE-2025-62496 Integer overflow in js_bigint_from_string in QuickJS

A vulnerability exists in the QuickJS engine's BigInt string parsing logic (js_bigint_from_string) when attempting to create a BigInt from a string with an excessively large number of digits. The function calculates the necessary number of bits (nbits) required to store the BigInt using the formula:...

CVSS 7.1 | EPSS 0.00031
Exploits: 1 | References: 2
Cvelist
added 2025/10/16 3:51 p.m., 8 views

CVE-2025-62495 Type confusion in string addition in QuickJS

An integer overflow vulnerability exists in the QuickJS regular expression engine (libregexp) due to an inconsistent representation of the bytecode buffer size. The regular expression bytecode is stored in a DynBuf structure, which correctly uses a size_t, an unsigned type, typically...

CVSS 7.1 | EPSS 0.00028
Exploits: 1 | References: 2
CVE
added 2025/10/16 3:51 p.m., 40 views

CVE-2025-62495

CVE-2025-62495 describes an integer overflow in QuickJS regExp (libregexp). The DynBuf storing regex bytecode uses size_t, but several internal routines cast the DynBuf size_t to a signed int, so very large/complex patterns can exceed 2^31 bytes. The result is a negative value used for offsets (e...

CVSS 8.8 | AI score 7.1 | EPSS 0.00028
Exploits: 1 | References: 2 | Affected Software: 1
Vulnrichment
added 2025/10/16 3:51 p.m., 3 views

CVE-2025-62495 Type confusion in string addition in QuickJS

An integer overflow vulnerability exists in the QuickJS regular expression engine (libregexp) due to an inconsistent representation of the bytecode buffer size. The regular expression bytecode is stored in a DynBuf structure, which correctly uses a size_t, an unsigned type, typically...

CVSS 7.1 | AI score 7.1 | EPSS 0.00028
Exploits: 1 | References: 2
Cvelist
added 2025/10/16 3:51 p.m., 6 views

CVE-2025-62494 Type confusion in string addition in QuickJS

A type confusion vulnerability exists in the handling of the string addition (+) operation within the QuickJS engine. The code first checks if the left-hand operand is a string. It then attempts to convert the right-hand operand to a primitive value using JS_ToPrimitiveFree. This conversion can...

CVSS 7.1 | EPSS 0.00017
Exploits: 1 | References: 2
CVE
added 2025/10/16 3:51 p.m., 42 views

CVE-2025-62494

Summary: CVE-2025-62494 is a type-confusion vulnerability in the QuickJS engine’s string concatenation path. During the + operation, if the left operand is a string, the code converts the right operand to a primitive via JS_ToPrimitiveFree, which can trigger callbacks (toString/valueOf). While th...

CVSS 8.8 | AI score 7.6 | EPSS 0.00017
Exploits: 1 | References: 2 | Affected Software: 1
Vulnrichment
added 2025/10/16 3:51 p.m., 1 view

CVE-2025-62494 Type confusion in string addition in QuickJS

A type confusion vulnerability exists in the handling of the string addition (+) operation within the QuickJS engine. The code first checks if the left-hand operand is a string. It then attempts to convert the right-hand operand to a primitive value using JS_ToPrimitiveFree. This conversion can...

CVSS 7.1 | AI score 7.5 | EPSS 0.00017
Exploits: 1 | References: 2
AlpineLinux
added 2025/10/16 3:51 p.m., 3 views

CVE-2025-62494

A type confusion vulnerability exists in the handling of the string addition (+) operation within the QuickJS engine. The code first checks if the left-hand operand is a string. It then attempts to convert the right-hand operand to a primitive value using JS_ToPrimitiveFree. This conversion can...

CVSS 8.8 | AI score 7.9 | EPSS 0.00017
Exploits: 1 | References: 2
Cvelist
added 2025/10/16 3:51 p.m., 5 views

CVE-2025-62493 Heap out-of-bounds read in js_bigint_to_string1 in QuickJS

A vulnerability exists in the QuickJS engine's BigInt string conversion logic (js_bigint_to_string1) due to an incorrect calculation of the required number of digits, which in turn leads to reading memory past the allocated BigInt structure. The function determines the number of characters ndigits...

CVSS 5.9 | EPSS 0.0002
Exploits: 1 | References: 2
Vulnrichment
added 2025/10/16 3:51 p.m., 1 view

CVE-2025-62493 Heap out-of-bounds read in js_bigint_to_string1 in QuickJS

A vulnerability exists in the QuickJS engine's BigInt string conversion logic (js_bigint_to_string1) due to an incorrect calculation of the required number of digits, which in turn leads to reading memory past the allocated BigInt structure. The function determines the number of characters ndigits...

CVSS 5.9 | AI score 6 | EPSS 0.0002
Exploits: 1 | References: 2
Cvelist
added 2025/10/16 3:51 p.m., 5 views

CVE-2025-62492 Heap out-of-bounds read in js_typed_array_indexOf in QuickJS

A vulnerability stemming from floating-point arithmetic precision errors exists in the QuickJS engine's implementation of TypedArray.prototype.indexOf when a negative fromIndex argument is supplied. The fromIndex argument (read as a double variable, $d$) is used to calculate the starting position f...

CVSS 5.9 | EPSS 0.00019
Exploits: 1 | References: 2
Cvelist
added 2025/10/16 3:51 p.m., 6 views

CVE-2025-62491 Use-after-free in js_std_promise_rejection_check in QuickJS

A Use-After-Free (UAF) vulnerability exists in the QuickJS engine's standard library when iterating over the global list of unhandled rejected promises (ts->rejected_promise_list). The function js_std_promise_rejection_check attempts to iterate over the rejected_promise_list to report unhandled rejections usi...

CVSS 8.8 | EPSS 0.00028
Exploits: 1 | References: 2
CVE
added 2025/10/16 3:51 p.m., 85 views

CVE-2025-62491

The CVE-2025-62491 entry concerns a Use-After-Free (UAF) in the QuickJS engine’s standard library. The vulnerability occurs in js_std_promise_rejection_check when iterating the global rejected_promise_list; during error reporting, rp->reason may be an Error with a custom property getter, and e...

CVSS 8.8 | AI score 6.8 | EPSS 0.00028
Exploits: 1 | References: 2 | Affected Software: 1
Vulnrichment
added 2025/10/16 3:51 p.m., 1 view

CVE-2025-62491 Use-after-free in js_std_promise_rejection_check in QuickJS

A Use-After-Free (UAF) vulnerability exists in the QuickJS engine's standard library when iterating over the global list of unhandled rejected promises (ts->rejected_promise_list). The function js_std_promise_rejection_check attempts to iterate over the rejected_promise_list to report unhandled rejections usi...

CVSS 8.8 | AI score 6.8 | EPSS 0.00028
Exploits: 1 | References: 2
AlpineLinux
added 2025/10/16 3:51 p.m., 3 views

CVE-2025-62491

A Use-After-Free (UAF) vulnerability exists in the QuickJS engine's standard library when iterating over the global list of unhandled rejected promises (ts->rejected_promise_list). The function js_std_promise_rejection_check attempts to iterate over the rejected_promise_list to report unhandled rejections usi...

CVSS 8.8 | AI score 7.3 | EPSS 0.00028
Exploits: 1 | References: 2
CVE
added 2025/10/16 3:51 p.m., 18 views

CVE-2025-62490

CVE-2025-62490 affects QuickJS: in js_print_object, during printing of arrays, maps, or sets, the code reads the length and iterates, but printing a value is not side-effect free. An attacker-defined callback during js_print_value could resize or remove items (e.g., in an array or ms->records)...

CVSS 8.8 | AI score 6.7 | EPSS 0.00028
Exploits: 1 | References: 2 | Affected Software: 1
Vulnrichment
added 2025/10/16 3:51 p.m., 2 views

CVE-2025-62490 Use-after-free in js_print_object in QuickJS

In quickjs, in js_print_object, when printing an array, the function first fetches the array length and then loops over it. The issue is, printing a value is not side-effect free. An attacker-defined callback could run during js_print_value, during which the array could get resized and len1 become ou...

CVSS 8.8 | AI score 6.7 | EPSS 0.00028
Exploits: 1 | References: 2
Debian CVE
added 2025/10/16 3:51 p.m., 3 views

CVE-2025-62490

In quickjs, in js_print_object, when printing an array, the function first fetches the array length and then loops over it. The issue is, printing a value is not side-effect free. An attacker-defined callback could run during js_print_value, during which the array could get resized and len1 become ou...

CVSS 8.8 | AI score 5.4 | EPSS 0.00028
Exploits: 1