1230 matches found
CVE-2021-46481
CVE-2021-46481 affects Jsish v3.5.0, with the NVD describing a memory leak via linenoise.c (src/linenoise.c). CNVD-2022-07933 additionally references a buffer/heap overflow vulnerability related to Jsish linenoise operations. The exact affected product/version in public disclosures is Jsish 3.5.0...
CVE-2021-46481
Jsish v3.5.0 was discovered to contain a memory leak via linenoise at src/linenoise.c...
CVE-2021-46480
Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsiValueObjDelete in src/jsiEval.c. This vulnerability can lead to a Denial of Service DoS...
CVE-2021-46478
Jsish v3.5.0 contains a heap buffer overflow caused by the function jsiClearStack in src/jsiEval.c, leading to Denial of Service (DoS). The vulnerability is documented across multiple sources (NVD CVE-2021-46478 and CNVD/CVE records) and is characterized by a DoS condition without confirmed remot...
CVE-2021-46475
The CVE-2021-46475 entry concerns Jsish v3.5.0, where a heap buffer overflow is triggered by jsi_ArraySliceCmd in src/jsiArray.c, leading to Denial of Service (DoS). Multiple connected documents corroborate the vulnerability description (heap overflow in Jsish 3.5.0 via jsi_ArraySliceCmd, DoS); h...
CVE-2021-46475
Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsiArraySliceCmd in src/jsiArray.c. This vulnerability can lead to a Denial of Service DoS...
CVE-2021-46477
Jsish v3.5.0 was discovered to contain a heap buffer overflow via RegExpconstructor in src/jsiRegexp.c. This vulnerability can lead to a Denial of Service DoS...
CVE-2021-46474
CVE-2021-46474 affects Jsish v3.5.0 and is caused by a heap-based buffer overflow in jsiEvalCodeSub (src/jsiEval.c), which can lead to a Denial of Service. Sources across NVD/CNVD/CVELIST describe the issue consistently, with DoS impact; no exploit details are provided in the connected documents....
Jsish 缓冲区错误漏洞
Jsish is a small JavaScript parser with a built-in database written in C. A denial of service vulnerability exists in Jsish v3.5.0, which stems from a failure to properly handle incoming error messages. An attacker can cause a denial of service DoS via jsiArraySliceCmd in src/jsiArray.c...
Debian: Security Advisory (DLA-2885-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2885-1] qtsvg-opensource-src security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2885-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta January 17, 2022 https://wiki.debian.org/LTS -...
CVE-2021-46325
Espruino 2v10.246 was discovered to contain a stack buffer overflow via src/jsutils.c in vcbprintf...
CVE-2021-46323
Espruino 2v11.251 was discovered to contain a SEGV vulnerability via src/jsinteractive.c in jsiGetDeviceFromClass...
Security feature bypass
Espruino 2v11.251 was discovered to contain a SEGV vulnerability via src/jsinteractive.c in jsiGetDeviceFromClass...
CVE-2021-46322
Duktape v2.99.99 was discovered to contain a SEGV vulnerability via the component dukpushtval in duktape/dukapistack.c...
CVE-2021-46324
Espruino 2v11.251 is affected by a stack buffer overflow in jsvNewFromString (src/jsvar.c). Public records (NVD, CVE-2021-46324) indicate the flaw originates in memory boundary handling within Espruino’s JavaScript interpreter, potentially impacting confidentiality, integrity, and availability (C...
CVE-2021-46324
Espruino 2v11.251 was discovered to contain a stack buffer overflow via src/jsvar.c in jsvNewFromString...
CVE-2021-46323
CVE-2021-46323 affects Espruino 2v11.251, with a SEGV (segmentation fault) vulnerability in src/jsinteractive.c, function jsiGetDeviceFromClass. The CVSS data show: AV:N/AC:M/Au:N/C:N/I:N/A:P (CVSS2, base 4.3) and AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H (CVSS3, base 5.5). Exploitation details are not...
Important: xorg-x11-server
Issue Overview: A flaw was found in the Xorg-x11-server. An out-of-bounds access issue can occur in the SProcRenderCompositeGlyphs function due to improper validation of the request length. CVE-2021-4008 A flaw was found in xorg-x11-server. An out-of-bounds access can occur in the...
in mruby/mruby
Description There is a NULL Pointer Dereference in preparesingletonclass src/class.c:360:13. This bug has been found on mruby lastest commit hash 171d32c0071d776207174a40a8fa26def3dbb931 on Ubuntu 20.04 for x8664/amd64. Proof of Concept 1.timesb= a=0 0,m:0 c=0=0,nil=nil0 def mend def c.eend Steps...