WebAssembly Micro Runtime 安全漏洞

WebAssembly Micro Runtime WAMR is a lightweight, standalone WebAssembly runtime open-sourced by the Bytecode Alliance. With a small footprint, high performance, and highly configurable features for applications ranging from embedded, IoT, and edge to Trusted Execution Environments TEEs, smart...

Fedora 40 : chromium (2024-8b50ca2e22)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-8b50ca2e22 advisory. update to 124.0.6367.60 High CVE-2024-3832: Object corruption in V8 High CVE-2024-3833: Object corruption in WebAssembly High CVE-2024-3914: Use aft...

Updated chromium-browser-stable packages fix security vulnerabilities

The chromium-browser-stable package has been updated to the 124.0.6367.60 release. It includes 23 security fixes. Please, do note, only x8664 is supported from now on. i586 support for linux was stopped some years ago and the community is not able to provide patches anymore for the latest Chromiu...

The vulnerability of the WebAssembly component in Microsoft Edge and Google Chrome allows a hacker to execute arbitrary code.

The vulnerability of the WebAssembly component in Microsoft Edge and Google Chrome relates to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

Object Corruption

chrome is vulnerable to a Object Corruption. The vulnerability is due to object corruption in WebAssembly within Google Chrome versions. It allows a remote attacker to potentially exploit object corruption via a crafted HTML page...

FreeBSD : chromium -- multiple security fixes (9bed230f-ffc8-11ee-8e76-a8a1599412c6)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 9bed230f-ffc8-11ee-8e76-a8a1599412c6 advisory. - Object corruption in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to...

Debian dsa-5668 : chromium - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5668 advisory. - Object corruption in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page...

Use-After-Free

firefox is vulnerable to Use-After-Free. The vulnerability is due to occurrence of garbage collection during the creation of an array in Mozilla Firefox's WebAssembly WASM execution process, potentially leading to a use-after-free condition...

CVE-2024-32477

The CVE-2024-32477 vulnerability affects Deno versions prior to 1.42.2, caused by a race between ANSI escape sequences (e.g., ) and reading standard input. This allows an attacker to manipulate the permission prompt and bypass the permission policy via the PTY channel. Several connected sourc...

Chromium: CVE-2024-3833 Object corruption in WebAssembly

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

SUSE CVE-2024-3833

Object corruption in WebAssembly in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Chromium security severity: High...

Security advisory: Potential Use-After-Free issue in Qt for WebAssembly’s implementation of QNetworkReply

A recently reported potential Use-After-Free issue in Qt’s wasm implementation of QNetworkReply has been assigned the CVE id CVE-2024-30161. The issue was discovered in Qt versions 6.5.4, 6.5.5, and 6.6.2. QNetworkReply header data might be accessed via a dangling pointer in Qt for WebAssembly if...

KLA65692 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, bypass security restrictions, spoof user interface, execute arbitrary code. Below is a complete list of vulnerabilities: 1. An...

CVE-2024-3833

Object corruption in WebAssembly in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Chromium security severity: High...

DEBIAN-CVE-2024-3833

Object corruption in WebAssembly in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Chromium security severity: High...

CVE-2024-3833

Object corruption in WebAssembly in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Chromium security severity: High...

CVE-2024-3833

Object corruption in WebAssembly in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Chromium security severity: High...

CVE-2024-3833

Object corruption in WebAssembly in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Chromium security severity: High...

CVE-2024-3833

CVE-2024-3833 is a Chrome/Chromium WebAssembly object-corruption vulnerability (via a crafted HTML page) tracked as high-severity, with reported fixes in Chromium 124.0.6367.60 and later (ChromeOS notes cite 124.0.6367.95; Debian security advisories list 124.0.6367.60 as the fixed version). Affec...

CVE-2024-3833

Object corruption in WebAssembly in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Chromium security severity: High...