Escargot
Monthly
Integer overflow in Samsung Open Source Escargot causes undefined behavior and potential denial of service on local systems. The vulnerability affects the Escargot JavaScript engine (commit 97e8115ab1110bc502b4b5e4a0c689a71520d335 and related versions) and requires local access with low complexity to trigger. With CVSS 5.1 and EPSS not specified, the risk is moderate; no public exploit code or active exploitation has been confirmed at time of analysis.
Integer overflow in Samsung Escargot JavaScript engine allows remote attackers to trigger buffer overflows without authentication via network-delivered crafted JavaScript code. Affects commit 97e8115ab and prior versions. No public exploit identified at time of analysis, though upstream fix available (PR/commit); released patched version not independently confirmed. With CVSS 8.1 (High) and network attack vector requiring high complexity, this represents significant risk for devices and applications embedding the Escargot engine, particularly Samsung smart TV and appliance platforms.
Out-of-bounds write in Samsung Open Source Escargot JavaScript engine allows local attackers to execute arbitrary code or corrupt memory through buffer overflow conditions. This vulnerability affects Escargot commit 97e8115ab1110bc502b4b5e4a0c689a71520d335 and prior versions. With a 7.4 CVSS score (high confidentiality, integrity, and availability impact) but high attack complexity and local attack vector, exploitation requires specialized conditions. No public exploit identified at time of analysis, and EPSS data not available for this CVE.
Out-of-bounds read in Samsung Open Source Escargot JavaScript engine allows local attackers to leak sensitive memory contents and cause denial of service. Affects Escargot commit 97e8115ab1110bc502b4b5e4a0c689a71520d335 and potentially other versions; the vulnerability requires local access and specific conditions to trigger but can expose confidential data and crash the application without authentication. No public exploit identified at time of analysis.
Integer overflow in Samsung Open Source Escargot causes undefined behavior and potential denial of service on local systems. The vulnerability affects the Escargot JavaScript engine (commit 97e8115ab1110bc502b4b5e4a0c689a71520d335 and related versions) and requires local access with low complexity to trigger. With CVSS 5.1 and EPSS not specified, the risk is moderate; no public exploit code or active exploitation has been confirmed at time of analysis.
Integer overflow in Samsung Escargot JavaScript engine allows remote attackers to trigger buffer overflows without authentication via network-delivered crafted JavaScript code. Affects commit 97e8115ab and prior versions. No public exploit identified at time of analysis, though upstream fix available (PR/commit); released patched version not independently confirmed. With CVSS 8.1 (High) and network attack vector requiring high complexity, this represents significant risk for devices and applications embedding the Escargot engine, particularly Samsung smart TV and appliance platforms.
Out-of-bounds write in Samsung Open Source Escargot JavaScript engine allows local attackers to execute arbitrary code or corrupt memory through buffer overflow conditions. This vulnerability affects Escargot commit 97e8115ab1110bc502b4b5e4a0c689a71520d335 and prior versions. With a 7.4 CVSS score (high confidentiality, integrity, and availability impact) but high attack complexity and local attack vector, exploitation requires specialized conditions. No public exploit identified at time of analysis, and EPSS data not available for this CVE.
Out-of-bounds read in Samsung Open Source Escargot JavaScript engine allows local attackers to leak sensitive memory contents and cause denial of service. Affects Escargot commit 97e8115ab1110bc502b4b5e4a0c689a71520d335 and potentially other versions; the vulnerability requires local access and specific conditions to trigger but can expose confidential data and crash the application without authentication. No public exploit identified at time of analysis.