Clingto

#717of 53,624
270Total CVSS
Vulnerabilities · 47
Medium
42
High
5
PT-2022-10251
5.5
2022-07-26
Yasm · Yasm · CVE-2021-33455
**Name of the Vulnerable Software and Affected Versions** yasm version 1.3.0 **Description** An issue was discovered in yasm, which involves a NULL pointer dereference in the `do directive()` function located in `modules/preprocs/nasm/nasm-pp.c`. **Recommendations** For yasm version 1.3.0, consider avoiding the use of the `do directive()` function until a patch is available. As a temporary workaround, restrict access to the `modules/preprocs/nasm/nasm-pp.c` module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-10253
5.5
2022-07-26
Yasm · Yasm · CVE-2021-33457
**Name of the Vulnerable Software and Affected Versions** yasm version 1.3.0 **Description** An issue was discovered in the `expand mmac params()` function in `modules/preprocs/nasm/nasm-pp.c`, which results in a NULL pointer dereference. **Recommendations** For yasm version 1.3.0, consider avoiding the use of the `expand mmac params()` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-10250
5.5
2022-07-26
Yasm · Yasm · CVE-2021-33454
**Name of the Vulnerable Software and Affected Versions** yasm version 1.3.0 **Description** An issue was discovered in yasm. There is a NULL pointer dereference in the `yasm expr get intnum()` function in the libyasm/expr.c file. **Recommendations** For yasm version 1.3.0, consider avoiding the use of the `yasm expr get intnum()` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.
PT-2022-10241
5.5
2022-07-26
Mjs · Mjs · CVE-2021-33445
**Name of the Vulnerable Software and Affected Versions** mjs (affected versions not specified) **Description** An issue was discovered in mjs, a Restricted JavaScript engine, affecting ES6, which is JavaScript version 6. The problem is a NULL pointer dereference in the `mjs string char code at()` function located in mjs.c. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-10245
5.5
2022-07-26
Mjs · Mjs · CVE-2021-33449
**Name of the Vulnerable Software and Affected Versions** mjs (affected versions not specified) **Description** An issue was discovered in mjs, a Restricted JavaScript engine, affecting ES6 (JavaScript version 6). The problem is a NULL pointer dereference in the `mjs bcode part get by offset()` function in mjs.c. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-10252
5.5
2022-07-26
Yasm · Yasm · CVE-2021-33456
**Name of the Vulnerable Software and Affected Versions** yasm version 1.3.0 **Description** An issue was discovered in the `hash()` function in `modules/preprocs/nasm/nasm-pp.c`, which results in a NULL pointer dereference. **Recommendations** For yasm version 1.3.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-10242
5.5
2022-07-26
Mjs · Mjs · CVE-2021-33446
**Name of the Vulnerable Software and Affected Versions** mjs (affected versions not specified) **Description** An issue was discovered in mjs, a Restricted JavaScript engine, specifically in ES6 (JavaScript version 6), where there is a NULL pointer dereference in the `mjs next()` function in `mjs.c`. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-10237
5.5
2022-07-26
Mjs · Mjs · CVE-2021-33441
**Name of the Vulnerable Software and Affected Versions** mjs (affected versions not specified) **Description** An issue was discovered in mjs, a Restricted JavaScript engine, affecting ES6, which is JavaScript version 6. The issue involves a NULL pointer dereference in the `exec expr()` function located in mjs.c. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-10239
5.5
2022-07-26
Mjs · Mjs · CVE-2021-33443
**Name of the Vulnerable Software and Affected Versions** mjs (affected versions not specified) **Description** A stack buffer overflow issue was discovered in the mjs execute() function in mjs.c, affecting the mJS restricted JavaScript engine, specifically ES6 (JavaScript version 6). **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-10240
5.5
2022-07-26
Mjs · Mjs · CVE-2021-33444
**Name of the Vulnerable Software and Affected Versions** mjs (affected versions not specified) **Description** An issue was discovered in mjs, a Restricted JavaScript engine, affecting ES6, which is JavaScript version 6. The problem is a NULL pointer dereference in the `getprop builtin foreign()` function located in mjs.c. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-10243
5.5
2022-07-26
Mjs · Mjs · CVE-2021-33447
**Name of the Vulnerable Software and Affected Versions** mjs (affected versions not specified) **Description** An issue was discovered in mjs, a Restricted JavaScript engine, affecting ES6 (JavaScript version 6). The problem is a NULL pointer dereference in the `mjs print()` function located in mjs.c. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-10244
5.5
2022-07-26
Mjs · Mjs · CVE-2021-33448
**Name of the Vulnerable Software and Affected Versions** mJS (affected versions not specified) **Description** An issue was discovered in mJS, a Restricted JavaScript engine, affecting ES6 (JavaScript version 6). The issue is a stack buffer overflow. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-10247
5.5
2022-07-26
Lrzip · Lrzip · CVE-2021-33451
**Name of the Vulnerable Software and Affected Versions** lrzip version 0.641 **Description** An issue was discovered in the `fill buffer()` function in `stream.c`, which results in memory leaks. **Recommendations** For lrzip version 0.641, consider updating to a newer version that addresses the memory leak issue in the `fill buffer()` function. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-10249
7.8
2022-07-26
Lrzip · Lrzip · CVE-2021-33453
**Name of the Vulnerable Software and Affected Versions** lrzip version 0.641 **Description** An issue was discovered in the `ucompthread()` function in `stream.c` at line 1538, which is a use-after-free. **Recommendations** For lrzip version 0.641, consider disabling the `ucompthread()` function as a temporary workaround until a patch is available.
PT-2022-10236
5.5
2022-07-26
Mjs · Mjs · CVE-2021-33440
**Name of the Vulnerable Software and Affected Versions** mjs (affected versions not specified) **Description** An issue was discovered in mjs, a Restricted JavaScript engine, affecting ES6 (JavaScript version 6). The problem is a NULL pointer dereference in the `mjs bcode commit()` function in mjs.c. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-10238
5.5
2022-07-26
Mjs · Mjs · CVE-2021-33442
**Name of the Vulnerable Software and Affected Versions** mjs (affected versions not specified) **Description** An issue was discovered in mjs, a Restricted JavaScript engine, affecting ES6, which is JavaScript version 6. The problem is a NULL pointer dereference in the `json printf()` function located in mjs.c. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-10233
5.5
2022-07-26
Mjs · Mjs · CVE-2021-33437
**Name of the Vulnerable Software and Affected Versions** mjs (affected versions not specified) **Description** An issue was discovered in mjs, a Restricted JavaScript engine, affecting ES6 (JavaScript version 6). The problem lies in memory leaks within the `frozen cb()` function in mjs.c. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-10234
5.5
2022-07-26
Mjs · Mjs · CVE-2021-33438
**Name of the Vulnerable Software and Affected Versions** mjs (affected versions not specified) **Description** An issue was discovered in mjs, a Restricted JavaScript engine, specifically in the ES6 version of JavaScript. The problem is a stack buffer overflow in the `json parse array()` function located in mjs.c. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-10235
5.5
2022-07-26
Mjs · Mjs · CVE-2021-33439
**Name of the Vulnerable Software and Affected Versions** mjs (affected versions not specified) **Description** An issue was discovered in mjs, a Restricted JavaScript engine, specifically in ES6 (JavaScript version 6), where there is an integer overflow in the gc compact strings() function in mjs.c. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-10254
5.5
2022-07-26
Yasm · Yasm · CVE-2021-33458
**Name of the Vulnerable Software and Affected Versions** yasm version 1.3.0 **Description** An issue was discovered in the `find cc()` function in `modules/preprocs/nasm/nasm-pp.c`, which leads to a NULL pointer dereference. **Recommendations** For yasm version 1.3.0, consider disabling the `find cc()` function as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.