SUSE CVE-2024-30161

In Qt 6.5.4, 6.5.5, and 6.6.2, QNetworkReply header data might be accessed via a dangling pointer in Qt for WebAssembly wasm. Earlier and later versions are unaffected...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc. A security vulnerability previously existed in Google Chrome version 123.0.6312.86, which stemmed from a type confusion issue in the WebAssembly module...

chromium -- multiple security fixes

Chrome Releases reports: This update includes 7 security fixes: 327807820 Critical CVE-2024-2883: Use after free in ANGLE. Reported by Cassidy Kim@cassidy6564 on 2024-03-03 328958020 High CVE-2024-2885: Use after free in Dawn. Reported by wgslfuzz on 2024-03-11 330575496 High CVE-2024-2886: Use...

Google Chrome < 123.0.6312.86 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 123.0.6312.86. It is, therefore, affected by multiple vulnerabilities as referenced in the 202403stable-channel-update-for-desktop26 advisory. - Use after free in WebCodecs in Google Chrome prior to 123.0.6312.86 allowe...

CVE-2024-30161

A flaw was found in the qt6 package where the WebAssembly wasm component may access the network reply header due to a dangling pointer. This issue may allow an attacker to gain access to restricted data, impacting data confidentiality and integrity...

CVE-2024-30161

In Qt 6.5.4, 6.5.5, and 6.6.2, QNetworkReply header data might be accessed via a dangling pointer in Qt for WebAssembly wasm. Earlier and later versions are unaffected...

CVE-2024-30161

In Qt 6.5.4, 6.5.5, and 6.6.2, QNetworkReply header data might be accessed via a dangling pointer in Qt for WebAssembly wasm. Earlier and later versions are unaffected...

AZL-38545 CVE-2024-30161 affecting package qtbase for versions less than 6.6.3-2

In Qt 6.5.4, 6.5.5, and 6.6.2, QNetworkReply header data might be accessed via a dangling pointer in Qt for WebAssembly wasm. Earlier and later versions are unaffected...

CVE-2024-30161

In Qt 6.5.4, 6.5.5, and 6.6.2, QNetworkReply header data might be accessed via a dangling pointer in Qt for WebAssembly wasm. Earlier and later versions are unaffected...

CVE-2024-28123

Wasmi is an efficient and lightweight WebAssembly interpreter with a focus on constrained and embedded systems. In the WASMI Interpreter, an Out-of-bounds Buffer Write will arise if the host calls or resumes a Wasm function with more parameters than the default limit 128, as it will surpass the...

CVE-2024-27936

Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults. Starting in version 1.32.1 and prior to version 1.41.0 of the deno library, maliciously crafted permission request can show the spoofed permission prompt by inserting a broken ANSI escape sequence into the request...

CVE-2024-27935

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Starting in version 1.35.1 and prior to version 1.36.3, a vulnerability in Deno's Node.js compatibility runtime allows for cross-session data contamination during simultaneous asynchronous reads from Node.js streams sourced from sockets o...

CVE-2024-27933

Deno is a JavaScript, TypeScript, and WebAssembly runtime. In version 1.39.0, use of raw file descriptors in opnodeipcpipe leads to premature close of arbitrary file descriptors, allowing standard input to be re-opened as a different resource resulting in permission prompt bypass. Node childproce...

CVE-2024-27932

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Starting in version 1.8.0 and prior to version 1.40.4, Deno improperly checks that an import specifier's hostname is equal to or a child of a token's hostname, which can cause tokens to be sent to servers they shouldn't be sent to. An aut...

WebAssembly 缓冲区错误漏洞

WebAssembly is a binary instruction format for stack-based virtual machines from WebAssembly. A security vulnerability exists in WebAssembly versions prior to 0.31.1 that stems from an out-of-bounds buffer write if the host calls or restores more parameters than the default limit 128 for Wasm...

CVE-2024-2606

Passing invalid data could have led to invalid wasm values being created, such as arbitrary integers turning into pointer values. This vulnerability affects Firefox 124...

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security bypass vulnerability exists in Mozilla Firefox that stems from improper handling of WASM register values. An attacker can exploit the vulnerability to create invalid wasm values...

UBUNTU-CVE-2024-2606

Passing invalid data could have led to invalid wasm values being created, such as arbitrary integers turning into pointer values. This vulnerability affects Firefox 124...

Out-of-bounds

Wasmi is an efficient and lightweight WebAssembly interpreter with a focus on constrained and embedded systems. In the WASMI Interpreter, an Out-of-bounds Buffer Write will arise if the host calls or resumes a Wasm function with more parameters than the default limit 128, as it will surpass the...

Cross site scripting

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Starting in version 1.35.1 and prior to version 1.36.3, a vulnerability in Deno's Node.js compatibility runtime allows for cross-session data contamination during simultaneous asynchronous reads from Node.js streams sourced from sockets o...