816 matches found
UBUNTU-CVE-2026-34983
Wasmtime is a runtime for WebAssembly. In 43.0.0, cloning a wasmtime::Linker is unsound and can result in use-after-free bugs. This bug is not controllable by guest Wasm programs. It can only be triggered by a specific sequence of embedder API calls made by the host. Specifically, the following...
CVE-2026-34983 Wasmtime has a use-after-free bug after cloning `wasmtime::Linker`
Wasmtime is a runtime for WebAssembly. In 43.0.0, cloning a wasmtime::Linker is unsound and can result in use-after-free bugs. This bug is not controllable by guest Wasm programs. It can only be triggered by a specific sequence of embedder API calls made by the host. Specifically, the following...
CVE-2026-34983 Wasmtime has a use-after-free bug after cloning `wasmtime::Linker`
Wasmtime is a runtime for WebAssembly. In 43.0.0, cloning a wasmtime::Linker is unsound and can result in use-after-free bugs. This bug is not controllable by guest Wasm programs. It can only be triggered by a specific sequence of embedder API calls made by the host. Specifically, the following...
CVE-2026-34983
Wasmtime 43.0.0 contains a use-after-free bug when cloning wasmtime::Linker, triggered by a specific host embedder API sequence (clone, drop original, use cloned linker). The issue is not controllable by guest Wasm programs and can manifest as a segfault; it does not enable heap corruption or dat...
CVE-2026-34983
Wasmtime is a runtime for WebAssembly. In 43.0.0, cloning a wasmtime::Linker is unsound and can result in use-after-free bugs. This bug is not controllable by guest Wasm programs. It can only be triggered by a specific sequence of embedder API calls made by the host. Specifically, the following...
RUSTSEC-2026-0090 Use-after-free bug after cloning `wasmtime::Linker`
This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-hfr4-7c6c-48w2 For more information see the GitHub-hosted security advisory...
Use-after-free bug after cloning `wasmtime::Linker`
This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-hfr4-7c6c-48w2 For more information see the GitHub-hosted security advisory...
wasmtime 资源管理错误漏洞
Wasmtime is a lightweight WebAssembly runtime open source by the Bytecode Alliance. Version 43.0.0 of Wastime contains a resource management vulnerability. This vulnerability stems from a flaw in cloning wastim::Linker, which may lead to reuse after reclamation...
PT-2026-31689
Wasmtime is a runtime for WebAssembly. In 43.0.0, cloning a wasmtime::Linker is unsound and can result in use-after-free bugs. This bug is not controllable by guest Wasm programs. It can only be triggered by a specific sequence of embedder API calls made by the host. Specifically, the following...
Linux Distros Unpatched Vulnerability : CVE-2026-34983
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wasmtime is a runtime for WebAssembly. In 43.0.0, cloning a wasmtime::Linker is unsound and can result in use-after-free bugs. This bug is not controllable by...
CVE-2026-34079
A flaw was found in Flatpak, a Linux application sandboxing and distribution framework. The caching mechanism for ld.so dynamic linker/loader improperly removes outdated cache files without adequately verifying that the application-controlled path to the outdated cache is within the designated...
DEBIAN-CVE-2026-34079
Flatpak is a Linux application sandboxing and distribution framework. Prior to 1.16.4, the caching for ld.so removes outdated cache files without properly checking that the app controlled path to the outdated cache is in the cache directory. This allows Flatpak apps to delete arbitrary files on t...
CVE-2026-34079
Flatpak is a Linux application sandboxing and distribution framework. Prior to 1.16.4, the caching for ld.so removes outdated cache files without properly checking that the app controlled path to the outdated cache is in the cache directory. This allows Flatpak apps to delete arbitrary files on t...
UBUNTU-CVE-2026-34079
Flatpak is a Linux application sandboxing and distribution framework. Prior to 1.16.4, the caching for ld.so removes outdated cache files without properly checking that the app controlled path to the outdated cache is in the cache directory. This allows Flatpak apps to delete arbitrary files on t...
CVE-2026-34079 Flatpak affected by arbitrary file deletion on the host filesystem
Flatpak is a Linux application sandboxing and distribution framework. Prior to 1.16.4, the caching for ld.so removes outdated cache files without properly checking that the app controlled path to the outdated cache is in the cache directory. This allows Flatpak apps to delete arbitrary files on t...
CVE-2026-34079
Flatpak (Linux application sandboxing) before version 1.16.4 had a flaw in ld.so cache cleanup: it could delete arbitrary files on the host if the app-controlled path to outdated cache wasn't properly verified within the cache directory. The vulnerability is fixed in 1.16.4. Impact is described a...
CVE-2026-34079 Flatpak affected by arbitrary file deletion on the host filesystem
Flatpak is a Linux application sandboxing and distribution framework. Prior to 1.16.4, the caching for ld.so removes outdated cache files without properly checking that the app controlled path to the outdated cache is in the cache directory. This allows Flatpak apps to delete arbitrary files on t...
CVE-2026-22177
OpenClaw versions prior to 2026.2.21 fail to filter dangerous process-control environment variables from config env.vars, allowing startup-time code execution. Attackers can inject variables like NODEOPTIONS or LD through configuration to execute arbitrary code in the OpenClaw gateway service...
Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-11.0.1)
The version of AHV installed on the remote host is prior to AHV-11.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-11.0.1 advisory. - A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the...
EUVD-2026-12196
A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read, exists in the bfd linker component. An attacker could exploit this by convincing a user to process a specially crafted malicious XCOFF object file. Successful exploitation may...