Shodan
Vulnerabilities
Vulnerable Software
Jsish:  >> Jsish  >> 2.4.70_2.047  Security Vulnerabilities
CVE-2020-23259
An issue found in Jsish v.3.0.11 and before allows an attacker to cause a denial of service via the Jsi_Strlen function in the src/jsiChar.c file.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-04-04
CVE-2020-23260
An issue found in Jsish v.3.0.11 and before allows an attacker to cause a denial of service via the StringReplaceCmd function in the src/jsiChar.c file.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-04-04
CVE-2020-22873
Buffer overflow vulnerability in function NumberToPrecisionCmd in jsish before 3.0.7, allows remote attackers to execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.025
Published
2021-07-13
CVE-2020-22874
Integer overflow vulnerability in function Jsi_ObjArraySizer in jsish before 3.0.8, allows remote attackers to execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.031
Published
2021-07-13
CVE-2020-22875
Integer overflow vulnerability in function Jsi_ObjSetLength in jsish before 3.0.6, allows remote attackers to execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.031
Published
2021-07-13
CVE-2020-22907
Stack overflow vulnerability in function jsi_evalcode_sub in jsish before 3.0.18, allows remote attackers to cause a Denial of Service via a crafted value to the execute parameter.
CVSS Score
7.5
EPSS Score
0.008
Published
2021-07-13
CVE-2019-1010177
Jsish 2.4.70 2.047 is affected by: Use After Free. The impact is: denial of service and possibly arbitrary code execution. The component is: function Jsi_RegExpNew (jsi/jsiRegexp.c:39). The attack vector is: executing crafted javascript code. The fixed version is: after commit 48a66c798d.
CVSS Score
9.8
EPSS Score
0.013
Published
2019-07-24
CVE-2018-1000663
jsish version 2.4.70 2.047 contains a Buffer Overflow vulnerability in function _jsi_evalcode from jsiEval.c that can result in Crash due to segmentation fault. This attack appear to be exploitable via The victim must execute crafted javascript code.
CVSS Score
6.5
EPSS Score
0.004
Published
2018-09-06
CVE-2018-1000668
jsish version 2.4.70 2.047 contains a CWE-125: Out-of-bounds Read vulnerability in function jsi_ObjArrayLookup (jsiObj.c:274) that can result in Crash due to segmentation fault. This attack appear to be exploitable via The victim must execute crafted javascript code. This vulnerability appears to have been fixed in 2.4.71.
CVSS Score
6.5
EPSS Score
0.004
Published
2018-09-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved