RSS   Podatności dla 'Espruino'   RSS

2022-03-05
 
CVE-2022-25044

CWE-787
 

 
Espruino 2v11.251 was discovered to contain a stack buffer overflow via src/jsvar.c in jsvNewFromString.

 
 
CVE-2022-25465

CWE-787
 

 
Espruino 2v11 release was discovered to contain a stack buffer overflow via src/jsvar.c in jsvGetNextSibling.

 
2022-01-20
 
CVE-2021-46323

NVD-CWE-noinfo
 

 
Espruino 2v11.251 was discovered to contain a SEGV vulnerability via src/jsinteractive.c in jsiGetDeviceFromClass.

 
 
CVE-2021-46324

CWE-787
 

 
Espruino 2v11.251 was discovered to contain a stack buffer overflow via src/jsvar.c in jsvNewFromString.

 
 
CVE-2021-46325

CWE-787
 

 
Espruino 2v10.246 was discovered to contain a stack buffer overflow via src/jsutils.c in vcbprintf.

 
2021-07-13
 
CVE-2020-22884

CWE-120
 

 
Buffer overflow vulnerability in function jsvGetStringChars in Espruino before RELEASE_2V09, allows remote attackers to execute arbitrary code.

 
2018-05-31
 
CVE-2018-11597

CWE-674
 

 
Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a user crafted input file via a Buffer Overflow during syntax parsing because of a missing check for stack exhaustion with many '{' characters in jsparse.c.

 
 
CVE-2018-11593

CWE-787
 

 
Espruino before 1.99 allows attackers to cause a denial of service (application crash) and potential Information Disclosure with a user crafted input file via a Buffer Overflow during syntax parsing because strncpy is misused in jslex.c.

 


Copyright 2024, cxsecurity.com

 

Back to Top