95 matches found
PT-2026-31693
Name of the Vulnerable Software and Affected Versions Wasmtime versions prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1 Description Wasmtime's implementation of transcoding strings between components has a flaw where the return value of a guest component's realloc function is not validated before the...
PT-2026-31681
Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime's implementation of transcoding strings into the Component Model's utf16 or latin1+utf16 encodings improperly verified the alignment of reallocated strings. This meant that unaligned pointers could be...
PT-2026-31680
Name of the Vulnerable Software and Affected Versions Wasmtime versions prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1 Description Wasmtime contains an issue where transcoding a UTF-16 string to the latin1+utf16 component-model encoding incorrectly validates the byte length of the input string durin...
Linux Distros Unpatched Vulnerability : CVE-2026-34941
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime contains a vulnerability where when transcoding a UTF-16 string to...
Linux Distros Unpatched Vulnerability : CVE-2026-34942
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime's implementation of transcoding strings into the Component Model's...
EUVD-2018-6583
Malware in sbrugna...
EUVD-2025-16433
Malicious code in bioql PyPI...
FreeBSD : navidrome -- transcoding permission bypass vulnerability (95480188-6ebc-11f0-8a78-bf201f293bce)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 95480188-6ebc-11f0-8a78-bf201f293bce advisory. Deluan Quinto reports: A permission verification flaw in Navidrome allows any authenticated regular use...
Scalable Video Transcoding on Linode with Kubernetes and Capella
...
SUSE CVE-2025-48948
Navidrome is an open source web-based music collection server and streamer. A permission verification flaw in versions prior to 0.56.0 allows any authenticated regular user to bypass authorization checks and perform administrator-only transcoding configuration operations, including creating,...
Permission Verification Flaw
github.com/navidrome/navidrome is vulnerable to a permission verification flaw. The vulnerability is due to insufficient permission verification, allowing regular authenticated users to perform administrator-only transcoding configuration operations...
CVE-2025-48948
Navidrome is an open source web-based music collection server and streamer. A permission verification flaw in versions prior to 0.56.0 allows any authenticated regular user to bypass authorization checks and perform administrator-only transcoding configuration operations, including creating,...
CVE-2025-48948
Navidrome is an open source web-based music collection server and streamer. A permission verification flaw in versions prior to 0.56.0 allows any authenticated regular user to bypass authorization checks and perform administrator-only transcoding configuration operations, including creating,...
CVE-2025-48948 Navidrome Transcoding Permission Bypass Vulnerability Report
Navidrome is an open source web-based music collection server and streamer. A permission verification flaw in versions prior to 0.56.0 allows any authenticated regular user to bypass authorization checks and perform administrator-only transcoding configuration operations, including creating,...
CVE-2025-48948
Navidrome (open source web-based music server) has a permission verification flaw in versions prior to 0.56.0 that lets any authenticated regular user bypass authorization checks and perform administrator-only transcoding configuration operations (create, modify, delete settings). Root cause: ins...
CVE-2025-48948 Navidrome Transcoding Permission Bypass Vulnerability Report
Navidrome is an open source web-based music collection server and streamer. A permission verification flaw in versions prior to 0.56.0 allows any authenticated regular user to bypass authorization checks and perform administrator-only transcoding configuration operations, including creating,...
CVE-2025-48948 Navidrome Transcoding Permission Bypass Vulnerability Report
Navidrome is an open source web-based music collection server and streamer. A permission verification flaw in versions prior to 0.56.0 allows any authenticated regular user to bypass authorization checks and perform administrator-only transcoding configuration operations, including creating,...
CVE-2025-48948
Navidrome is an open source web-based music collection server and streamer. A permission verification flaw in versions prior to 0.56.0 allows any authenticated regular user to bypass authorization checks and perform administrator-only transcoding configuration operations, including creating,...
GHSA-F238-RGGP-82M3 Navidrome Transcoding Permission Bypass Vulnerability Report
Summary A permission verification flaw in Navidrome allows any authenticated regular user to bypass authorization checks and perform administrator-only transcoding configuration operations, including creating, modifying, and deleting transcoding settings. Details Navidrome supports transcoding...
Navidrome Transcoding Permission Bypass Vulnerability Report
Summary A permission verification flaw in Navidrome allows any authenticated regular user to bypass authorization checks and perform administrator-only transcoding configuration operations, including creating, modifying, and deleting transcoding settings. Details Navidrome supports transcoding...