Lucene search
K

59 matches found

OSV
OSV
added 2022/05/24 5:32 p.m.35 views

GHSA-X4CF-6JR3-3QVP Out-of-bounds Read in Facebook Hermes

An out-of-bounds read in the JavaScript Interpreter in Facebook Hermes prior to commit 8cb935cd3b2321c46aa6b7ed8454d95c75a7fca0 allows attackers to cause a denial of service attack or possible further memory corruption via crafted JavaScript. Note that this is only exploitable if the application...

7.5CVSS7.5AI score0.01584EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2022/05/24 5:30 p.m.25 views

Always-Incorrect Control Flow Implementation in Facebook Hermes

A logic vulnerability when handling the SaveGeneratorLong instruction in Facebook Hermes prior to commit b2021df620824627f5a8c96615edbd1eb7fdddfc allows attackers to potentially read out of bounds or theoretically execute arbitrary code via crafted JavaScript. Note that this is only exploitable i...

9.8CVSS9.3AI score0.02515EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/24 5:27 p.m.37 views

Signed to Unsigned Conversion Error in Facebook Hermes

An Integer signedness error in the JavaScript Interpreter in Facebook Hermes prior to commit 2c7af7ec481ceffd0d14ce2d7c045e475fd71dc6 allows attackers to cause a denial of service attack or a potential RCE via crafted JavaScript. Note that this is only exploitable if the application using Hermes...

8.1CVSS7.5AI score0.01202EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2022/05/20 10:29 p.m.25 views

CVE-2020-1914

A logic vulnerability when handling the SaveGeneratorLong instruction in Facebook Hermes prior to commit b2021df620824627f5a8c96615edbd1eb7fdddfc allows attackers to potentially read out of bounds or theoretically execute arbitrary code via crafted JavaScript. Note that this is only exploitable i...

9.8CVSS4.7AI score0.02515EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/06/15 10:0 p.m.52 views

CVE-2021-24037

A use after free in hermes, while emitting certain error messages, prior to commit d86e185e485b6330216dee8e854455c694e3a36e allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of...

10AI score0.01795EPSS
Exploits0References2
OSV
OSV
added 2021/02/02 7:15 a.m.38 views

CVE-2020-1896

A stack overflow vulnerability in Facebook Hermes 'builtin apply' prior to commit 86543ac47e59c522976b5632b8bf9a2a4583c7d2 https://github.com/facebook/hermes/commit/86543ac47e59c522976b5632b8bf9a2a4583c7d2 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that th...

9.8CVSS8AI score0.02418EPSS
Exploits0References2
NVD
NVD
added 2021/02/02 7:15 a.m.46 views

CVE-2020-1896

A stack overflow vulnerability in Facebook Hermes 'builtin apply' prior to commit 86543ac47e59c522976b5632b8bf9a2a4583c7d2 https://github.com/facebook/hermes/commit/86543ac47e59c522976b5632b8bf9a2a4583c7d2 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that th...

9.8CVSS0.02418EPSS
Exploits0References2
Prion
Prion
added 2021/02/02 7:15 a.m.30 views

Stack overflow

A stack overflow vulnerability in Facebook Hermes 'builtin apply' prior to commit 86543ac47e59c522976b5632b8bf9a2a4583c7d2 https://github.com/facebook/hermes/commit/86543ac47e59c522976b5632b8bf9a2a4583c7d2 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that th...

6.8CVSS9.7AI score0.02418EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2020/10/26 9:15 p.m.41 views

CVE-2020-1915

An out-of-bounds read in the JavaScript Interpreter in Facebook Hermes prior to commit 8cb935cd3b2321c46aa6b7ed8454d95c75a7fca0 allows attackers to cause a denial of service attack or possible further memory corruption via crafted JavaScript. Note that this is only exploitable if the application...

7.5CVSS6.8AI score0.01584EPSS
Exploits0References2
Prion
Prion
added 2020/10/26 9:15 p.m.25 views

Memory corruption

An out-of-bounds read in the JavaScript Interpreter in Facebook Hermes prior to commit 8cb935cd3b2321c46aa6b7ed8454d95c75a7fca0 allows attackers to cause a denial of service attack or possible further memory corruption via crafted JavaScript. Note that this is only exploitable if the application...

4.3CVSS7.5AI score0.01584EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/10/26 8:20 p.m.52 views

CVE-2020-1915

An out-of-bounds read in the JavaScript Interpreter in Facebook Hermes prior to commit 8cb935cd3b2321c46aa6b7ed8454d95c75a7fca0 allows attackers to cause a denial of service attack or possible further memory corruption via crafted JavaScript. Note that this is only exploitable if the application...

7.5AI score0.01584EPSS
Exploits0References2
OSV
OSV
added 2020/10/08 7:15 p.m.34 views

CVE-2020-1914

A logic vulnerability when handling the SaveGeneratorLong instruction in Facebook Hermes prior to commit b2021df620824627f5a8c96615edbd1eb7fdddfc allows attackers to potentially read out of bounds or theoretically execute arbitrary code via crafted JavaScript. Note that this is only exploitable i...

9.8CVSS7.5AI score0.02515EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/10/08 6:50 p.m.25 views

CVE-2020-1914

A logic vulnerability when handling the SaveGeneratorLong instruction in Facebook Hermes prior to commit b2021df620824627f5a8c96615edbd1eb7fdddfc allows attackers to potentially read out of bounds or theoretically execute arbitrary code via crafted JavaScript. Note that this is only exploitable i...

9.7AI score0.02515EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2020/10/08 6:50 p.m.61 views

CVE-2020-1914

A logic vulnerability when handling the SaveGeneratorLong instruction in Facebook Hermes prior to commit b2021df620824627f5a8c96615edbd1eb7fdddfc allows attackers to potentially read out of bounds or theoretically execute arbitrary code via crafted JavaScript. Note that this is only exploitable i...

9.8CVSS9.7AI score0.02515EPSS
Exploits0
OSV
OSV
added 2020/09/09 7:15 p.m.47 views

CVE-2020-1913

An Integer signedness error in the JavaScript Interpreter in Facebook Hermes prior to commit 2c7af7ec481ceffd0d14ce2d7c045e475fd71dc6 allows attackers to cause a denial of service attack or a potential RCE via crafted JavaScript. Note that this is only exploitable if the application using Hermes...

8.1CVSS6.7AI score0.01202EPSS
Exploits0References2
Prion
Prion
added 2020/09/09 7:15 p.m.21 views

Design/Logic Flaw

An out-of-bounds read/write vulnerability when executing lazily compiled inner generator functions in Facebook Hermes prior to commit 091835377369c8fd5917d9b87acffa721ad2a168 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the...

6.8CVSS8.3AI score0.01813EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/09/09 7:0 p.m.70 views

CVE-2020-1913

An Integer signedness error in the JavaScript Interpreter in Facebook Hermes prior to commit 2c7af7ec481ceffd0d14ce2d7c045e475fd71dc6 allows attackers to cause a denial of service attack or a potential RCE via crafted JavaScript. Note that this is only exploitable if the application using Hermes...

7.8AI score0.01202EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/09/09 6:50 p.m.52 views

CVE-2020-1912

An out-of-bounds read/write vulnerability when executing lazily compiled inner generator functions in Facebook Hermes prior to commit 091835377369c8fd5917d9b87acffa721ad2a168 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the...

8.3AI score0.01813EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/09/04 2:35 a.m.44 views

CVE-2020-1911

A type confusion vulnerability when resolving properties of JavaScript objects with specially-crafted prototype chains in Facebook Hermes prior to commit fe52854cdf6725c2eaa9e125995da76e6ceb27da allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only...

9.7AI score0.02003EPSS
Exploits0References2
Rows per page
Query Builder