CVE-2025-62494 Type confusion in string addition in QuickJS

A type confusion vulnerability exists in the handling of the string addition + operation within the QuickJS engine. The code first checks if the left-hand operand is a string. It then attempts to convert the right-hand operand to a primitive value using JSToPrimitiveFree. This conversion can...

CVE-2025-62494 Type confusion in string addition in QuickJS

A type confusion vulnerability exists in the handling of the string addition + operation within the QuickJS engine. The code first checks if the left-hand operand is a string. It then attempts to convert the right-hand operand to a primitive value using JSToPrimitiveFree. This conversion can...

QuickJS 安全漏洞

QuickJS is a small and embeddable Javascript engine open-sourced by QuickJS. A security vulnerability exists in QuickJS due to a type confusion when handling string addition operations, which could lead to out-of-bounds memory accesses and memory corruption to execute arbitrary code...

UBUNTU-CVE-2016-6296

Integer signedness error in the simplestringaddn function in simplestring.c in xmlrpc-epi through 0.54.2, as used in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9, allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other...