60 matches found
Improper Check for Unusual or Exceptional Conditions
Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions via the v128.store instruction. An attacker can cause a segmentation fault and disrupt normal execution by triggering improper handling of memory operations. Remediation A fix was...
EUVD-2025-199655
WebAssembly Micro Runtime WAMR is a lightweight standalone WebAssembly Wasm runtime. Prior to version 2.4.4, an out-of-bounds array access issue exists in WAMR's fast interpreter mode during WASM bytecode loading. When framerefbottom and frameoffsetbottom arrays are at capacity and a GETGLOBALI32...
CVE-2025-64713 WebAssembly Micro Runtime frame_offset_bottom array bounds overflow in fast Interpreter mode when handling GET_GLOBAL(I32) followed by if opcode
WebAssembly Micro Runtime WAMR is a lightweight standalone WebAssembly Wasm runtime. Prior to version 2.4.4, an out-of-bounds array access issue exists in WAMR's fast interpreter mode during WASM bytecode loading. When framerefbottom and frameoffsetbottom arrays are at capacity and a GETGLOBALI32...
CVE-2025-64704 WebAssembly Micro Runtime vulnerable to a segmentation fault in v128.store instruction
WebAssembly Micro Runtime WAMR is a lightweight standalone WebAssembly Wasm runtime. Prior to version 2.4.4, WAMR is susceptible to a segmentation fault in v128.store instruction. This issue has been patched in version 2.4.4...
PT-2025-48092
Name of the Vulnerable Software and Affected Versions WebAssembly Micro Runtime WAMR versions prior to 2.4.4 Description WebAssembly Micro Runtime WAMR is a lightweight standalone WebAssembly Wasm runtime. An out-of-bounds array access issue exists in WAMR's fast interpreter mode during WASM...
CVE-2025-64345 Wasmtime provides unsound API access to a WebAssembly shared linear memory
Wasmtime is a runtime for WebAssembly. Prior to version 38.0.4, 37.0.3, 36.0.3, and 24.0.5, Wasmtime's Rust embedder API contains an unsound interaction where a WebAssembly shared linear memory could be viewed as a type which provides safe access to the host Rust to the contents of the linear...
Linux Distros Unpatched Vulnerability : CVE-2025-62711
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wasmtime is a runtime for WebAssembly. In versions from 38.0.0 to before 38.0.3, the implementation of component-model related host-to-wasm trampolines in...
EUVD-2025-6418
Malicious code in bioql PyPI...
EUVD-2025-28017
Malicious code in bioql PyPI...
EUVD-2023-3103
Malicious code in bioql PyPI...
CVE-2025-58749
WebAssembly Micro Runtime WAMR is a lightweight standalone WebAssembly Wasm runtime. In WAMR versions prior to 2.4.2, when running in LLVM-JIT mode, the runtime cannot exit normally when executing WebAssembly programs containing a memory.fill instruction where the first operand memory address...
Untrusted Pointer Dereference
Overview Affected versions of this package are vulnerable to Untrusted Pointer Dereference in the memory.fill process when the first operand memory address pointer is greater than or equal to 2147483648 bytes in LLVM-JIT mode. An attacker can cause the runtime to hang or crash by executing a...
CVE-2025-58749
WebAssembly Micro Runtime WAMR is a lightweight standalone WebAssembly Wasm runtime. In WAMR versions prior to 2.4.2, when running in LLVM-JIT mode, the runtime cannot exit normally when executing WebAssembly programs containing a memory.fill instruction where the first operand memory address...
CVE-2025-58749
WebAssembly Micro Runtime WAMR is a lightweight standalone WebAssembly Wasm runtime. In WAMR versions prior to 2.4.2, when running in LLVM-JIT mode, the runtime cannot exit normally when executing WebAssembly programs containing a memory.fill instruction where the first operand memory address...
AZL-67617 CVE-2025-58749 affecting package fluent-bit for versions less than 3.0.6-4
WebAssembly Micro Runtime WAMR is a lightweight standalone WebAssembly Wasm runtime. In WAMR versions prior to 2.4.2, when running in LLVM-JIT mode, the runtime cannot exit normally when executing WebAssembly programs containing a memory.fill instruction where the first operand memory address...
AZL-67608 CVE-2025-58749 affecting package fluent-bit for versions less than 3.1.9-6
WebAssembly Micro Runtime WAMR is a lightweight standalone WebAssembly Wasm runtime. In WAMR versions prior to 2.4.2, when running in LLVM-JIT mode, the runtime cannot exit normally when executing WebAssembly programs containing a memory.fill instruction where the first operand memory address...
CVE-2025-58749 WAMR runtime hangs or crashes with large memory.fill addresses in LLVM-JIT mode
WebAssembly Micro Runtime WAMR is a lightweight standalone WebAssembly Wasm runtime. In WAMR versions prior to 2.4.2, when running in LLVM-JIT mode, the runtime cannot exit normally when executing WebAssembly programs containing a memory.fill instruction where the first operand memory address...
CVE-2025-58749 WAMR runtime hangs or crashes with large memory.fill addresses in LLVM-JIT mode
WebAssembly Micro Runtime WAMR is a lightweight standalone WebAssembly Wasm runtime. In WAMR versions prior to 2.4.2, when running in LLVM-JIT mode, the runtime cannot exit normally when executing WebAssembly programs containing a memory.fill instruction where the first operand memory address...
PT-2025-38054
Name of the Vulnerable Software and Affected Versions: WebAssembly Micro Runtime WAMR versions prior to 2.4.2 Description: WebAssembly Micro Runtime WAMR is a lightweight standalone WebAssembly Wasm runtime. When running in LLVM-JIT mode, the runtime cannot exit normally when executing WebAssembl...
PT-2025-30073 · Bytecode Alliance · Wasmtime
Name of the Vulnerable Software and Affected Versions: Wasmtime versions 24.0.0 through 24.0.3 Wasmtime versions 33.0.0 through 33.0.1 Wasmtime versions 34.0.0 through 34.0.1 Description: Wasmtime is a runtime for WebAssembly. A bug in Wasmtime's implementation of the WASIp1 set of import functio...