Fabrice Bellard

9 exploits Active since Jul 2022
CVE-2022-35414 WRITEUP HIGH WRITEUP
QEMU 4.1.50-7.0.0 - Use-After-Free in softmmu/physmem.c
softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized read on the translate_fail path, leading to an io_readx or io_writex crash. NOTE: a third party states that the Non-virtualization Use Case in the qemu.org reference applies here, i.e., "Bugs affecting the non-virtualization use case are not considered security bugs at this time.
CVSS 8.8
CVE-2022-35414 WRITEUP HIGH WRITEUP
QEMU 4.1.50-7.0.0 - Use-After-Free in softmmu/physmem.c
softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized read on the translate_fail path, leading to an io_readx or io_writex crash. NOTE: a third party states that the Non-virtualization Use Case in the qemu.org reference applies here, i.e., "Bugs affecting the non-virtualization use case are not considered security bugs at this time.
CVSS 8.8
CVE-2023-48183 WRITEUP HIGH WRITEUP
QuickJS < 2023-12-09 - NULL Pointer Dereference via Eval Lexical Scope Handling
QuickJS before c4cdd61 has a build_for_in_iterator NULL pointer dereference because of an erroneous lexical scope of "this" with eval.
CVSS 7.5
CVE-2024-36618 WRITEUP MEDIUM WRITEUP
FFmpeg n6.1.1 - Denial of Service via Integer Overflow in AVI Demuxer
FFmpeg n6.1.1 has a vulnerability in the AVI demuxer of the libavformat library which allows for an integer overflow, potentially resulting in a denial-of-service (DoS) condition.
CVSS 6.2
CVE-2025-12745 WRITEUP MEDIUM WRITEUP
QuickJS <eb2c89087def1829ed99630cb14b549d7a98408c - Buffer Over-read
A weakness has been identified in QuickJS up to eb2c89087def1829ed99630cb14b549d7a98408c. This affects the function js_array_buffer_slice of the file quickjs.c. This manipulation causes buffer over-read. The attack is restricted to local execution. The exploit has been made available to the public and could be exploited. This product adopts a rolling release strategy to maintain continuous delivery Patch name: c6fe5a98fd3ef3b7064e6e0145dfebfe12449fea. To fix this issue, it is recommended to deploy a patch.
CVSS 5.3
CVE-2025-46687 WRITEUP MEDIUM WRITEUP
QuickJS <2025-04-26 - Buffer Overflow
quickjs-ng through 0.9.0 has a missing length check in JS_ReadString for a string, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected.
CVSS 5.6
CVE-2025-46687 WRITEUP MEDIUM WRITEUP
QuickJS <2025-04-26 - Buffer Overflow
quickjs-ng through 0.9.0 has a missing length check in JS_ReadString for a string, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected.
CVSS 5.6
CVE-2025-46688 WRITEUP MEDIUM WRITEUP
QuickJS <2025-04-26 - Buffer Overflow
quickjs-ng through 0.9.0 has an incorrect size calculation in JS_ReadBigInt for a BigInt, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected.
CVSS 5.6
CVE-2025-46688 WRITEUP MEDIUM WRITEUP
QuickJS <2025-04-26 - Buffer Overflow
quickjs-ng through 0.9.0 has an incorrect size calculation in JS_ReadBigInt for a BigInt, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected.
CVSS 5.6