CVE-2021-44993

There is an Assertion ”ecma_is_value_boolean (base_value)” failed at /jerry-core/ecma/operations/ecma-get-put-value.c in Jerryscript 3.0.0.

Source: CVE-2021-44993

CVE-2021-44994

There is an Assertion ”JERRY_CONTEXT (jmem_heap_allocated_size) == 0” failed at /jerry-core/jmem/jmem-heap.c in Jerryscript 3.0.0.

Source: CVE-2021-44994

CVE-2021-46475

Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsi_ArraySliceCmd in src/jsiArray.c. This vulnerability can lead to a Denial of Service (DoS).

Source: CVE-2021-46475

CVE-2021-46478

Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsiClearStack in src/jsiEval.c. This vulnerability can lead to a Denial of Service (DoS).

Source: CVE-2021-46478

CVE-2021-46474

Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsiEvalCodeSub in src/jsiEval.c. This vulnerability can lead to a Denial of Service (DoS).

Source: CVE-2021-46474

CVE-2021-46480

Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsiValueObjDelete in src/jsiEval.c. This vulnerability can lead to a Denial of Service (DoS).

Source: CVE-2021-46480

CVE-2021-43394

Unisys OS 2200 Messaging Integration Services (NTSI) 7R3B IC3 and IC4, 7R3C, and 7R3D has an Incorrect Implementation of an Authentication Algorithm. An LDAP password is not properly validated.

Source: CVE-2021-43394

CVE-2022-0177

Cross-site Scripting (XSS) – DOM in GitHub repository mrdoob/three.js prior to 0.137.0.

Source: CVE-2022-0177

CVE-2021-45222

An issue was discovered in COINS Construction Cloud 11.12. Due to logical flaws in the human ressources interface, it is vulnerable to privilege escalation by HR personnel.

Source: CVE-2021-45222

CVE-2021-36343

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Source: CVE-2021-36343