170 matches found
Mozilla: Error reporting methods in SpiderMonkey could have triggered an Out of Memory Exception
The Mozilla Foundation Security Advisory describes this flaw as: When calling JS::CheckRegExpSyntax a Syntax Error could have been set which would end in calling convertToRuntimeErrorAndClear. A path in the function could attempt to allocate memory when none is available which would have caused a...
Mozilla: Error reporting methods in SpiderMonkey could have triggered an Out of Memory Exception
The Mozilla Foundation Security Advisory describes this flaw as: When calling JS::CheckRegExpSyntax a Syntax Error could have been set which would end in calling convertToRuntimeErrorAndClear. A path in the function could attempt to allocate memory when none is available which would have caused a...
Mozilla: Error reporting methods in SpiderMonkey could have triggered an Out of Memory Exception
The Mozilla Foundation Security Advisory describes this flaw as: When calling JS::CheckRegExpSyntax a Syntax Error could have been set which would end in calling convertToRuntimeErrorAndClear. A path in the function could attempt to allocate memory when none is available which would have caused a...
Mozilla: Error reporting methods in SpiderMonkey could have triggered an Out of Memory Exception
The Mozilla Foundation Security Advisory describes this flaw as: When calling JS::CheckRegExpSyntax a Syntax Error could have been set which would end in calling convertToRuntimeErrorAndClear. A path in the function could attempt to allocate memory when none is available which would have caused a...
Mozilla: Error reporting methods in SpiderMonkey could have triggered an Out of Memory Exception
The Mozilla Foundation Security Advisory describes this flaw as: When calling JS::CheckRegExpSyntax a Syntax Error could have been set which would end in calling convertToRuntimeErrorAndClear. A path in the function could attempt to allocate memory when none is available which would have caused a...
Mozilla: Error reporting methods in SpiderMonkey could have triggered an Out of Memory Exception
The Mozilla Foundation Security Advisory describes this flaw as: When calling JS::CheckRegExpSyntax a Syntax Error could have been set which would end in calling convertToRuntimeErrorAndClear. A path in the function could attempt to allocate memory when none is available which would have caused a...
Mozilla: Error reporting methods in SpiderMonkey could have triggered an Out of Memory Exception
The Mozilla Foundation Security Advisory describes this flaw as: When calling JS::CheckRegExpSyntax a Syntax Error could have been set which would end in calling convertToRuntimeErrorAndClear. A path in the function could attempt to allocate memory when none is available which would have caused a...
SUSE CVE-2023-4578
When calling JS::CheckRegExpSyntax a Syntax Error could have been set which would end in calling convertToRuntimeErrorAndClear. A path in the function could attempt to allocate memory when none is available which would have caused a newly created Out of Memory exception to be mishandled as a Synt...
CVE-2023-4578
The Mozilla Foundation Security Advisory describes this flaw as: When calling JS::CheckRegExpSyntax a Syntax Error could have been set which would end in calling convertToRuntimeErrorAndClear. A path in the function could attempt to allocate memory when none is available which would have caused a...
CVE-2023-4578
When calling JS::CheckRegExpSyntax a Syntax Error could have been set which would end in calling convertToRuntimeErrorAndClear. A path in the function could attempt to allocate memory when none is available which would have caused a newly created Out of Memory exception to be mishandled as a Synt...
Mozilla Firefox 安全漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a security vulnerability that stems from a syntax error that may be set by JS::CheckRegExpSyntax when called, which will result in a call to convertToRuntimeErrorAndClear...
Mozilla Firefox < 117.0
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 117.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-34 advisory. - Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. Some of these bugs show...
Aero CMS v0.0.1 - SQL Injection (no auth) Vulnerability
Exploit Title: Aero CMS v0.0.1 - SQL Injection no auth Exploit Author: Hubert Wojciechowski Contact Author: email protected Vendor Homepage: https://github.com/MegaTKC/AeroCMS Software Link: https://github.com/MegaTKC/AeroCMS Version: 0.0.1 Testeted on: Windows 10 using XAMPP, Apache/2.4.48 Win64...
OPENSUSE-SU-2023:0058-1 Security update for phpMyAdmin
This update for phpMyAdmin fixes the following issues: Update to 4.9.11: Fix an XSS attack through the drag-and-drop upload feature PMASA-2023-01, CWE-661, boo1208186, CVE-2023-25727 Fix broken pagination links in the navigation sidebar Fix syntax error for PHP 5 Fix hideconnectionerrors being...
SUSE CVE-2014-7192
Eval injection vulnerability in index.js in the syntax-error package before 1.1.1 for Node.js 0.10.x, as used in IBM Rational Application Developer and other products, allows remote attackers to execute arbitrary code via a crafted file...
A Syntax Error Led to Crashing of KmsdBot Cryptomining Botnet
By Deeba Ahmed The KmsdBot was known for targeting both Linux and Windows devices. This is a post from HackRead.com Read the original post: A Syntax Error Led to Crashing of KmsdBot Cryptomining Botnet...
GHSA-8CWQ-4CMF-PX73 PocketMine-MP invalid skin geometry JSON data leading to server crash
Impact pocketmine\entity\Skin doesn't correctly handle errors produced by adhocore/json-comment, which throws RuntimeException rather than returning false as PocketMine-MP expects. This leads to a server crash if the skin geometry data is invalid for some reason e.g. a syntax error. Patches...
GHSA-HR8G-F6R6-MR22 Buffer over-flow in Pillow
When reading a TGA file with RLE packets that cross scan lines, Pillow reads the information past the end of the first line without deducting that from the length of the remaining file data. This vulnerability was introduced in Pillow 9.1.0, and can cause a heap buffer overflow. Opening an image...
U.S. Dept Of Defense: SQL injection located in `███` in POST param `████████`
Hey DoD security team! I was able to exploit an SQL injection 1 in one of your domains. Description An SQL injection 1 was discovered in domain https://████████/██████ in the parameter ██████████. The SQL injection was located in a WHERE statment fallowed by a INT value. The vulnerable parameter...
389-ds:1.4 bug fix update
389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server and command-line utilities for server administration. Bug Fixes: Entries conflict not resolved by replication BZ1904347 Duplicate entryUSN numbers for...