Lucene search
K

1761 matches found

EUVD
EUVD
added 2026/04/09 8:22 p.m.4 views

EUVD-2026-21023

Wasmtime segfault or unused out-of-sandbox load with f64x2.splat operator on x86-64...

4.1CVSS5.9AI score0.00227EPSS
Exploits0References1
NVD
NVD
added 2026/04/09 7:16 p.m.8 views

CVE-2026-34944

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, On x86-64 platforms with SSE3 disabled Wasmtime's compilation of the f64x2.splat WebAssembly instruction with Cranelift may load 8 more bytes than is necessary. When signals-based-traps are disabled this can resul...

5.7CVSS0.00227EPSS
Exploits0References1
OSV
OSV
added 2026/04/09 7:16 p.m.17 views

DEBIAN-CVE-2026-34944

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, On x86-64 platforms with SSE3 disabled Wasmtime's compilation of the f64x2.splat WebAssembly instruction with Cranelift may load 8 more bytes than is necessary. When signals-based-traps are disabled this can resul...

5.7CVSS5.3AI score0.00227EPSS
Exploits0References1
NVD
NVD
added 2026/04/09 7:16 p.m.8 views

CVE-2026-34941

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime contains a vulnerability where when transcoding a UTF-16 string to the latin1+utf16 component-model encoding it would incorrectly validate the byte length of the input string when performing a bounds chec...

8.1CVSS0.00376EPSS
Exploits0References1
OSV
OSV
added 2026/04/09 7:16 p.m.1 views

DEBIAN-CVE-2026-34941

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime contains a vulnerability where when transcoding a UTF-16 string to the latin1+utf16 component-model encoding it would incorrectly validate the byte length of the input string when performing a bounds chec...

8.1CVSS5.5AI score0.00376EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/04/09 7:16 p.m.18 views

CVE-2026-34944

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, On x86-64 platforms with SSE3 disabled Wasmtime's compilation of the f64x2.splat WebAssembly instruction with Cranelift may load 8 more bytes than is necessary. When signals-based-traps are disabled this can resul...

5.7CVSS5.8AI score0.00227EPSS
Exploits0References2
OSV
OSV
added 2026/04/09 7:16 p.m.5 views

UBUNTU-CVE-2026-34944

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, On x86-64 platforms with SSE3 disabled Wasmtime's compilation of the f64x2.splat WebAssembly instruction with Cranelift may load 8 more bytes than is necessary. When signals-based-traps are disabled this can resul...

5.7CVSS5.8AI score0.00227EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/09 6:38 p.m.2 views

CVE-2026-34944

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, On x86-64 platforms with SSE3 disabled Wasmtime's compilation of the f64x2.splat WebAssembly instruction with Cranelift may load 8 more bytes than is necessary. When signals-based-traps are disabled this can resul...

4.1CVSS5.9AI score0.00227EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/09 6:38 p.m.5 views

CVE-2026-34944 Wasmtime segfault or unused out-of-sandbox load with `f64x2.splat` operator on x86-64

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, On x86-64 platforms with SSE3 disabled Wasmtime's compilation of the f64x2.splat WebAssembly instruction with Cranelift may load 8 more bytes than is necessary. When signals-based-traps are disabled this can resul...

4.1CVSS5.8AI score0.00227EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/09 6:29 p.m.5 views

CVE-2026-34941

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime contains a vulnerability where when transcoding a UTF-16 string to the latin1+utf16 component-model encoding it would incorrectly validate the byte length of the input string when performing a bounds chec...

6.9CVSS5.9AI score0.00376EPSS
Exploits0References2Affected Software1
RustSec
RustSec
added 2026/04/09 12:0 p.m.7 views

Wasmtime segfault or unused out-of-sandbox load with `f64x2.splat` operator on Cranelift x86-64

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-qqfj-4vcm-26hv For more information see the GitHub-hosted security advisory...

5.7CVSS5.9AI score0.00227EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/04/09 12:0 p.m.3 views

RUSTSEC-2026-0087 Wasmtime segfault or unused out-of-sandbox load with `f64x2.splat` operator on Cranelift x86-64

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-qqfj-4vcm-26hv For more information see the GitHub-hosted security advisory...

4.1CVSS5.8AI score0.00227EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/09 12:0 a.m.13 views

PT-2026-31685

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, On x86-64 platforms with SSE3 disabled Wasmtime's compilation of the f64x2.splat WebAssembly instruction with Cranelift may load 8 more bytes than is necessary. When signals-based-traps are disabled this can resul...

4.1CVSS5.9AI score0.00227EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/09 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-34944

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, On x86-64 platforms with SSE3 disabled Wasmtime's compilation of the...

5.7CVSS5.4AI score0.00227EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/09 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2026-34941

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime contains a vulnerability where when transcoding a UTF-16 string to...

8.1CVSS5.6AI score0.00376EPSS
Exploits0References3
OSV
OSV
added 2026/04/02 4:44 p.m.6 views

CLSA-2026-1775148284 binutils: Fix of 3 CVEs

CVE-2025-66862: fix heap-buffer-overflow in gnuspecial in cplus-dem.c - CVE-2025-66863: fix SEGV in ddiscriminator in cp-demangle.c - CVE-2025-66865: fix stack overflow in dprintcomp in cp-demangle.c...

7.5CVSS5.8AI score0.00323EPSS
Exploits3References1
Tenable Nessus
Tenable Nessus
added 2026/03/23 12:0 a.m.4 views

Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2025-38067)

In the Linux kernel, the following vulnerability has been resolved: rseq: Fix segfault on registration when rseqcs is non-zero The rseqcs field is documented as being set to 0 by user-space prior to registration, however this is not currently enforced by the kernel. This can result in a segfault ...

5.5CVSS6AI score0.00467EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/20 10:48 p.m.22 views

CVE-2026-21732 GPU DDK - libusc OOB write at ConvertSwitchToArrayLookupBP during WebGPU shader compilation

A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device. An...

0.00288EPSS
Exploits0References1
NVD
NVD
added 2026/03/12 8:16 p.m.3 views

CVE-2026-32249

Vim is an open source, command line text editor. From 9.1.0011 to before 9.2.0137, Vim's NFA regex compiler, when encountering a collection containing a combining character as the endpoint of a character range e.g. 0-0\u05bb, incorrectly emits the composing bytes of that character as separate NFA...

5.5CVSS0.00133EPSS
Exploits0References3
F5 Networks
F5 Networks
added 2026/03/10 9:18 p.m.14 views

K000160291: PostgreSQL vulnerability CVE-2025-12818

Security Advisory Description Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to undersize an allocation and write out-of-bounds by hundreds of megabytes. This results in a segmentation fault for the...

5.9CVSS5.8AI score0.00307EPSS
Exploits0
Rows per page
Query Builder