10 matches found
CVE-2021-46332
Moddable SDK v11.5.0 contains a heap-buffer-overflow in xs/sources/xsDataView.c at fxUint8Getter. Affected component is the Moddable SDK (IoT SDK); the overflow can lead to arbitrary code execution per CNVD/CNNVD entries. Public references note the same CVE-2021-46332 across multiple vendors (Red...
CVE-2021-46334
Moddable SDK v11.5.0 contains a stack buffer overflow in the __interceptor_strcat component caused by a boundary error when handling untrusted input. The CVE-2021-46334 entry specifies that this could allow remote code execution, with CVSS indicators in public references showing a potentially imp...
CVE-2021-46326
Summary: Moddable SDK v11.5.0 is affected by a heap-buffer-overflow caused by a boundary error in the __asan_memcpy component when handling untrusted input. This vulnerability could allow a remote attacker to execute arbitrary code on the system. The CNVD entry confirms the issue and impact; no e...
CVE-2021-46328
Moddable SDK v11.5.0 is affected by a heap-buffer-overflow vulnerability in the _libc_start_main component when processing untrusted input. The issue, described in CVE-2021-46328 and corroborated by CNVD-2022-08216 and Red Hat/RH advisories, can allow arbitrary code execution, with impact describ...
CVE-2021-46330
CVE-2021-46330 affects Moddable SDK v11.5.0 with a SEGV vulnerability in xs/sources/xsDataView.c, specifically fx_ArrayBuffer_prototype_concat. This is the root cause described across multiple sources. NVD lists impact as partial availability (CVSSv2) and high impact on availability (CVSSv3) with...
CVE-2021-46333
CVE-2021-46333 affects Moddable SDK v11.5.0. The root cause is an invalid memory access in the component __asan_memmove . Multiple connected sources describe this issue (e.g., CNVD-2022-08359; NVD entry) and note potential impact to availability. The documents do not provide exploit details or a ...
CVE-2021-46329
Moddable SDK v11.5.0 contains a SEGV vulnerability in the fini/_fini component. Affects the SDK, with impact described as confidentiality/integrity unaffected, availability impact: PARTIAL (CVSS v2) and HIGH (CVSS v3.1 with LOCAL, UI: REQUIRED). No remediation details are provided in the connecte...
CVE-2021-46327
Moddable SDK v11.5.0 contains a SEGV vulnerability in xsArray.c (fx_Array_prototype_sort). The root cause is a crash in the sort implementation within the XS engine (xs/sources/xsArray.c: fx_Array_prototype_sort). The provided connected documents confirm the affected product and code location but...
CVE-2021-46335
Affected software : Moddable SDK v11.5.0. Vulnerability : NULL pointer dereference in the component fx_Function_prototype_hasInstance. Impact : potential denial of service (as described by CNVD/NVD listings). References : multiple sources corroborate the issue (e.g., CNVD-2022-08217; NVD CVE-2021...
CVE-2021-46331
Summary: CVE-2021-46331 affects Moddable SDK v11.5.0, where a SEGV occurs in fxProxyGetPrototype (xsProxyGetPrototype) within the XS engine source xsProxy.c. The vulnerability is described as a segmentation fault in Moddable SDK, with the CVSS data indicating a partial availability impact (availa...