Lucene search
K

2107 matches found

Prion
Prion
added 2018/09/21 7:29 a.m.19 views

Null pointer dereference

An issue was discovered in WAVM before 2018-09-16. The run function in Programs/wavm/wavm.cpp does not check whether there is Emscripten memory to store the command-line arguments passed by the input WebAssembly file's main function, which allows attackers to cause a denial of service application...

6.8CVSS9AI score0.01623EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2018/09/21 7:29 a.m.12 views

CVE-2018-17293

An issue was discovered in WAVM before 2018-09-16. The run function in Programs/wavm/wavm.cpp does not check whether there is Emscripten memory to store the command-line arguments passed by the input WebAssembly file's main function, which allows attackers to cause a denial of service application...

8.8CVSS7.6AI score
Exploits0References2
Cvelist
Cvelist
added 2018/09/21 6:0 a.m.20 views

CVE-2018-17293

An issue was discovered in WAVM before 2018-09-16. The run function in Programs/wavm/wavm.cpp does not check whether there is Emscripten memory to store the command-line arguments passed by the input WebAssembly file's main function, which allows attackers to cause a denial of service application...

9.1AI score0.01623EPSS
Exploits1References2
CNVD
CNVD
added 2018/09/21 12:0 a.m.2 views

WAVM Denial of Service Vulnerability (CNVD-2019-09769)

WAVM is the WebAssembly Virtual Machine. A denial-of-service vulnerability exists in versions of WAVM prior to 2018-09-16, which stems from the 'run' function in the Programs/wavm/wavm.cpp file failing to detect whether Emscripten memory holds command-line arguments, which can be exploited by an...

8.8CVSS8.4AI score0.01623EPSS
Exploits1References1
CNVD
CNVD
added 2018/09/21 12:0 a.m.2 views

WAVM Denial of Service Vulnerability (CNVD-2019-09768)

WAVM is the WebAssembly Virtual Machine. A denial of service vulnerability exists in versions of WAVM prior to 2018-09-16, which stems from the loadModule function in Include/Inline/CLI.h failing to check the length of a file before the file MAGIC comparison, which can be exploited by an attacker...

6.5CVSS6.3AI score0.01228EPSS
Exploits1References1
Debian
Debian
added 2018/09/19 5:15 a.m.10 views

[SECURITY] [DSA 4297-1] chromium-browser security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4297-1 [email protected] https://www.debian.org/security/ Michael Gilbert September 19, 2018 https://www.debian.org/security/faq -...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/09/17 12:0 a.m.15 views

openSUSE Security Update : chromium (openSUSE-2018-1005)

This update for Chromium to version 69.0.3497.92 fixes the following issues : Security issues fixed boo1108114 : - Function signature mismatch in WebAssembly - URL Spoofing in Omnibox The following tracked packaging issues were fixed : - the chromium package incorrectly provied swiftshader...

5.4AI score
Exploits0References2
OpenVAS
OpenVAS
added 2018/09/17 12:0 a.m.28 views

Google Chrome Security Updates (stable-channel-update-for-desktop-2018-09_11) - Linux

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

8.8CVSS8.2AI score0.02222EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2018/09/17 12:0 a.m.27 views

Google Chrome Security Updates (stable-channel-update-for-desktop-2018-09_11) - Windows

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

8.8CVSS8.2AI score0.02222EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2018/09/15 3:10 p.m.83 views

Security update for chromium (moderate)

This update for Chromium to version 69.0.3497.92 fixes the following issues: Security issues fixed boo1108114: - Function signature mismatch in WebAssembly - URL Spoofing in Omnibox The following tracked packaging issues were fixed: - the chromium package incorrectly provied swiftshader resolvabl...

4.5AI score
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2018/09/15 3:8 p.m.71 views

Security update for chromium (moderate)

This update for Chromium to version 69.0.3497.92 fixes the following issues: Security issues fixed boo1108114: - Function signature mismatch in WebAssembly - URL Spoofing in Omnibox The following tracked packaging issues were fixed: - the chromium package incorrectly provied swiftshader resolvabl...

4.5AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/09/12 12:0 a.m.35 views

Google Chrome < 69.0.3497.92 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 69.0.3497.92. It is, therefore, affected by multiple vulnerabilities as referenced in the 201809stable-channel-update-for-desktop11 advisory. - An improper update of the WebAssembly dispatch table in WebAssembly in Goog...

8.8CVSS7.9AI score0.02222EPSS
Exploits0References5
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2018/09/11 12:0 a.m.31 views

Stable Channel Update for Desktop

The stable channel has been updated to 69.0.3497.92 for Windows, Mac, and Linux, which will roll out over the coming days/weeks. Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictio...

8.8CVSS7.7AI score0.02222EPSS
Exploits0Affected Software1
NVD
NVD
added 2018/09/10 4:29 a.m.14 views

CVE-2018-16768

In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in IR::FunctionValidationContext::end...

8.8CVSS9AI score0.01269EPSS
Exploits1References1
OSV
OSV
added 2018/09/10 4:29 a.m.4 views

CVE-2018-16770

In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because a certain newallocator allocate call fails...

8.8CVSS5.8AI score0.01269EPSS
Exploits1References1
OSV
OSV
added 2018/09/10 4:29 a.m.4 views

CVE-2018-16769

In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because libRuntime.so!llvm::InstructionCombiningPass::runOnFunction is mishandled...

8.8CVSS5.8AI score0.01269EPSS
Exploits1References1
NVD
NVD
added 2018/09/10 4:29 a.m.20 views

CVE-2018-16770

In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because a certain newallocator allocate call fails...

8.8CVSS9AI score0.01269EPSS
Exploits1References1
Prion
Prion
added 2018/09/10 4:29 a.m.13 views

Heap overflow

In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in FunctionValidationContext::popAndValidateOperand...

6.8CVSS8.9AI score0.01269EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2018/09/10 4:29 a.m.13 views

Heap overflow

In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in FunctionValidationContext::else...

6.8CVSS8.9AI score0.01269EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/09/10 4:29 a.m.17 views

CVE-2018-16765

In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in FunctionValidationContext::else...

8.8CVSS9AI score0.01269EPSS
Exploits1References1
Rows per page
Query Builder