Show filters
52 Total Results
Displaying 41-50 of 52
Sort by:
Attacker Value
Unknown
CVE-2020-22907
Disclosure Date: July 13, 2021 (last updated February 23, 2025)
Stack overflow vulnerability in function jsi_evalcode_sub in jsish before 3.0.18, allows remote attackers to cause a Denial of Service via a crafted value to the execute parameter.
0
Attacker Value
Unknown
CVE-2019-1010172
Disclosure Date: July 25, 2019 (last updated November 27, 2024)
Jsish 2.4.84 2.0484 is affected by: Uncontrolled Resource Consumption. The impact is: denial of service. The component is: function jsiValueGetString (jsiUtils.c). The attack vector is: executing crafted javascript code. The fixed version is: after commit f3a8096e0ce44bbf36c1dcb6e603adf9c8670c39.
0
Attacker Value
Unknown
CVE-2019-1010177
Disclosure Date: July 24, 2019 (last updated November 27, 2024)
Jsish 2.4.70 2.047 is affected by: Use After Free. The impact is: denial of service and possibly arbitrary code execution. The component is: function Jsi_RegExpNew (jsi/jsiRegexp.c:39). The attack vector is: executing crafted javascript code. The fixed version is: after commit 48a66c798d.
0
Attacker Value
Unknown
CVE-2019-1010173
Disclosure Date: July 23, 2019 (last updated November 27, 2024)
Jsish 2.4.84 2.0484 is affected by: Reachable Assertion. The impact is: denial of service. The component is: function Jsi_ValueArrayIndex (jsiValue.c:366). The attack vector is: executing crafted javascript code. The fixed version is: after commit 738ead193aff380a7e3d7ffb8e11e446f76867f3.
0
Attacker Value
Unknown
CVE-2019-1010162
Disclosure Date: July 23, 2019 (last updated November 27, 2024)
jsish 2.4.74 2.0474 is affected by: CWE-476: NULL Pointer Dereference. The impact is: denial of service. The component is: function Jsi_StrcmpDict (jsiChar.c:121). The attack vector is: The victim must execute crafted javascript code. The fixed version is: 2.4.77.
0
Attacker Value
Unknown
CVE-2019-1010169
Disclosure Date: July 23, 2019 (last updated November 27, 2024)
Jsish 2.4.77 2.0477 is affected by: Out-of-bounds Read. The impact is: denial of service. The component is: function lexer_getchar (jsiLexer.c:9). The attack vector is: executing crafted javascript code. The fixed version is: 2.4.78.
0
Attacker Value
Unknown
CVE-2019-1010170
Disclosure Date: July 23, 2019 (last updated November 27, 2024)
Jsish 2.4.77 2.0477 is affected by: Use After Free. The impact is: denial of service. The component is: function Jsi_ObjFree (jsiObj.c:230). The attack vector is: executing crafted javascript code. The fixed version is: 2.4.78.
0
Attacker Value
Unknown
CVE-2019-1010171
Disclosure Date: July 23, 2019 (last updated November 27, 2024)
Jsish 2.4.83 2.0483 is affected by: Nullpointer dereference. The impact is: denial of service. The component is: function jsi_DumpFunctions (jsiEval.c:567). The attack vector is: executing crafted javascript code. The fixed version is: 2.4.84.
0
Attacker Value
Unknown
CVE-2018-1000668
Disclosure Date: September 06, 2018 (last updated November 27, 2024)
jsish version 2.4.70 2.047 contains a CWE-125: Out-of-bounds Read vulnerability in function jsi_ObjArrayLookup (jsiObj.c:274) that can result in Crash due to segmentation fault. This attack appear to be exploitable via The victim must execute crafted javascript code. This vulnerability appears to have been fixed in 2.4.71.
0
Attacker Value
Unknown
CVE-2018-1000663
Disclosure Date: September 06, 2018 (last updated November 27, 2024)
jsish version 2.4.70 2.047 contains a Buffer Overflow vulnerability in function _jsi_evalcode from jsiEval.c that can result in Crash due to segmentation fault. This attack appear to be exploitable via The victim must execute crafted javascript code.
0
