31 matches found
CVE-2026-44224
Wiki.js is an open source wiki app built on Node.js. Prior to 2.5.313, the users.update GraphQL mutation accepts an arbitrary groups array and applies it directly to the database with no validation of the group IDs supplied. The resolver passes the caller's arguments straight to the model without...
Astra Linux - уязвимость в firefox
The MarkStack assignment operator, which is part of the JavaScript engine, could access uninitialized memory if it was used in a self-assignment. This vulnerability affects Firefox versions less than 125...
CVE-2026-31070
The LalanaChami Pharmacy Management System commit 5c3d028 allows unauthenticated remote attackers to escalate privileges by self-assigning an administrative role during registration. The /api/user/signup endpoint fails to validate the role parameter in the request body...
PT-2026-40432
Wiki.js is an open source wiki app built on Node.js. Prior to 2.5.313, the users.update GraphQL mutation accepts an arbitrary groups array and applies it directly to the database with no validation of the group IDs supplied. The resolver passes the caller's arguments straight to the model without...
CVE-2025-57605
CVE-2025-57605 affects AiKaan IoT Platform: lack of server-side authorization on department admin assignment APIs allows authenticated users to elevate privileges by assigning themselves as admins of other departments, leading to unauthorized privilege escalation across the department. Documented...
PT-2025-38732
Name of the Vulnerable Software and Affected Versions AiKaan IoT Platform affected versions not specified Description A missing server-side authorization check in the department admin assignment APIs within the AiKaan IoT Platform permits authenticated users to gain elevated privileges...
Mozilla: Potential use-after-free due to AlignedBuffer self-move
The Mozilla Foundation Security Advisory describes this flaw as: If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free...
Mozilla: Potential use-after-free due to AlignedBuffer self-move
The Mozilla Foundation Security Advisory describes this flaw as: If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free...
Mozilla: Potential use-after-free due to AlignedBuffer self-move
The Mozilla Foundation Security Advisory describes this flaw as: If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free...
Mozilla: Potential use-after-free due to AlignedBuffer self-move
The Mozilla Foundation Security Advisory describes this flaw as: If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free...
Mozilla: Potential use-after-free due to AlignedBuffer self-move
The Mozilla Foundation Security Advisory describes this flaw as: If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free...
Mozilla: Potential use-after-free due to AlignedBuffer self-move
The Mozilla Foundation Security Advisory describes this flaw as: If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free...
Mozilla: Potential use-after-free due to AlignedBuffer self-move
The Mozilla Foundation Security Advisory describes this flaw as: If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free...
Mozilla: Potential use-after-free due to AlignedBuffer self-move
The Mozilla Foundation Security Advisory describes this flaw as: If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free...
Mozilla: Potential use-after-free due to AlignedBuffer self-move
The Mozilla Foundation Security Advisory describes this flaw as: If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free...
CVE-2024-3862
The MarkStack assignment operator, part of the JavaScript engine, could access uninitialized memory if it were used in a self-assignment. This vulnerability affects Firefox 125...
DEBIAN-CVE-2024-3861
If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free. This vulnerability affects Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10...
CVE-2024-3861
If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free. This vulnerability affects Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10...
CVE-2024-3862
The MarkStack assignment operator, part of the JavaScript engine, could access uninitialized memory if it were used in a self-assignment. This vulnerability affects Firefox 125...
Mozilla Firefox 安全漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox version 125, which stems from the fact that if an AlignedBuffer is assigned to itself, subsequent self-moves may result in incorrect reference countin...