718 matches found
kernel: sched/eevdf: Fix se->slice being set to U64_MAX and resulting crash
In the Linux kernel, the following vulnerability has been resolved: sched/eevdf: Fix se-slice being set to U64MAX and resulting crash There is a code path in dequeueentities that can set the slice of a schedentity to U64MAX, which sometimes results in a crash. The offending case is when...
SUSE CVE-2025-10954
Versions of the package github.com/nyaruka/phonenumbers before 1.2.2 are vulnerable to Improper Validation of Syntactic Correctness of Input in the phonenumbers.Parse function. An attacker can cause a panic by providing crafted input causing a "runtime error: slice bounds out of range"...
CVE-2025-12745
A weakness has been identified in QuickJS up to eb2c89087def1829ed99630cb14b549d7a98408c. This affects the function jsarraybufferslice of the file quickjs.c. This manipulation causes buffer over-read. The attack is restricted to local execution. The exploit has been made available to the public a...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the jsarraybufferslice function. An attacker can access sensitive information or cause application instability by triggering a buffer over-read through crafted input. Remediation A fix was pushed into the...
CVE-2025-12745
A weakness has been identified in QuickJS up to eb2c89087def1829ed99630cb14b549d7a98408c. This affects the function jsarraybufferslice of the file quickjs.c. This manipulation causes buffer over-read. The attack is restricted to local execution. The exploit has been made available to the public a...
CVE-2025-12745
A weakness has been identified in QuickJS up to eb2c89087def1829ed99630cb14b549d7a98408c. This affects the function jsarraybufferslice of the file quickjs.c. This manipulation causes buffer over-read. The attack is restricted to local execution. The exploit has been made available to the public a...
DEBIAN-CVE-2025-12745
A weakness has been identified in QuickJS up to eb2c89087def1829ed99630cb14b549d7a98408c. This affects the function jsarraybufferslice of the file quickjs.c. This manipulation causes buffer over-read. The attack is restricted to local execution. The exploit has been made available to the public a...
CVE-2025-12745
CVE-2025-12745 affects QuickJS up to eb2c89087def1829ed99630cb14b549d7a98408c. The vulnerability is in the function js_array_buffer_slice of quickjs.c and causes a buffer over-read. Exploitation is restricted to local execution; the exploit has been publicly disclosed. The CVE description and mul...
CVE-2025-12745
A weakness has been identified in QuickJS up to eb2c89087def1829ed99630cb14b549d7a98408c. This affects the function jsarraybufferslice of the file quickjs.c. This manipulation causes buffer over-read. The attack is restricted to local execution. The exploit has been made available to the public a...
CVE-2025-12745 QuickJS quickjs.c js_array_buffer_slice buffer over-read
A weakness has been identified in QuickJS up to eb2c89087def1829ed99630cb14b549d7a98408c. This affects the function jsarraybufferslice of the file quickjs.c. This manipulation causes buffer over-read. The attack is restricted to local execution. The exploit has been made available to the public a...
CVE-2025-12745
A weakness has been identified in QuickJS up to eb2c89087def1829ed99630cb14b549d7a98408c. This affects the function jsarraybufferslice of the file quickjs.c. This manipulation causes buffer over-read. The attack is restricted to local execution. The exploit has been made available to the public a...
EUVD-2025-37919
A weakness has been identified in QuickJS up to eb2c89087def1829ed99630cb14b549d7a98408c. This affects the function jsarraybufferslice of the file quickjs.c. This manipulation causes buffer over-read. The attack is restricted to local execution. The exploit has been made available to the public a...
QuickJS 安全漏洞
QuickJS is a small and embeddable Javascript engine open-sourced by QuickJS. A security vulnerability exists in QuickJS, which stems from a buffer over-read in the function jsarraybufferslice in the file quickjs.c, which could lead to a local execution attack...
PT-2025-45149
Name of the Vulnerable Software and Affected Versions QuickJS versions prior to eb2c89087def1829ed99630cb14b549d7a98408c Description A flaw exists in QuickJS that allows for a buffer over-read. This issue is related to the js array buffer slice function within the quickjs.c file. Exploitation is...
PT-2025-43456
In grantAllowlistedPackagePermissions of SettingsSliceProvider.java, there is a possible way for a third party app to modify secure settings due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed fo...
GHSA-XCPM-76HF-C9CC Borrowck Scarifices exposes uninitialized memory in any_as_u8_slice
The safe function anyasu8slice can create byte slices that reference uninitialized memory when used with types containing padding bytes. The function uses slice::fromrawparts to create a &u8 covering the entire size of a type, including padding bytes. According to Rust's documentation, fromrawpar...
EUVD-2025-35597
Borrowck Scarifices exposes uninitialized memory in anyasu8slice...
GHSA-H5J3-CRG5-8JQM orx-pinned-vec has undefined behavior in index_of_ptr with empty slices
The safe function indexofptr causes undefined behavior when called with an empty slice. The issue occurs in the line ptr.addslice.len - 1 which underflows when slice.len is 0, creating a pointer with a massive offset. According to Rust's safety rules, creating such a pointer causes immediate...
Undefined behavior in index_of_ptr with empty slices
The safe function indexofptr causes undefined behavior when called with an empty slice. The issue occurs in the line ptr.addslice.len - 1 which underflows when slice.len is 0, creating a pointer with a massive offset. According to Rust's safety rules, creating such a pointer causes immediate...
EUVD-2021-0412
Malware in sbrugna...