2107 matches found
Null pointer dereference
An issue was discovered in WAVM before 2018-09-16. The run function in Programs/wavm/wavm.cpp does not check whether there is Emscripten memory to store the command-line arguments passed by the input WebAssembly file's main function, which allows attackers to cause a denial of service application...
CVE-2018-17293
An issue was discovered in WAVM before 2018-09-16. The run function in Programs/wavm/wavm.cpp does not check whether there is Emscripten memory to store the command-line arguments passed by the input WebAssembly file's main function, which allows attackers to cause a denial of service application...
CVE-2018-17293
An issue was discovered in WAVM before 2018-09-16. The run function in Programs/wavm/wavm.cpp does not check whether there is Emscripten memory to store the command-line arguments passed by the input WebAssembly file's main function, which allows attackers to cause a denial of service application...
WAVM Denial of Service Vulnerability (CNVD-2019-09769)
WAVM is the WebAssembly Virtual Machine. A denial-of-service vulnerability exists in versions of WAVM prior to 2018-09-16, which stems from the 'run' function in the Programs/wavm/wavm.cpp file failing to detect whether Emscripten memory holds command-line arguments, which can be exploited by an...
WAVM Denial of Service Vulnerability (CNVD-2019-09768)
WAVM is the WebAssembly Virtual Machine. A denial of service vulnerability exists in versions of WAVM prior to 2018-09-16, which stems from the loadModule function in Include/Inline/CLI.h failing to check the length of a file before the file MAGIC comparison, which can be exploited by an attacker...
[SECURITY] [DSA 4297-1] chromium-browser security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4297-1 [email protected] https://www.debian.org/security/ Michael Gilbert September 19, 2018 https://www.debian.org/security/faq -...
openSUSE Security Update : chromium (openSUSE-2018-1005)
This update for Chromium to version 69.0.3497.92 fixes the following issues : Security issues fixed boo1108114 : - Function signature mismatch in WebAssembly - URL Spoofing in Omnibox The following tracked packaging issues were fixed : - the chromium package incorrectly provied swiftshader...
Google Chrome Security Updates (stable-channel-update-for-desktop-2018-09_11) - Linux
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
Google Chrome Security Updates (stable-channel-update-for-desktop-2018-09_11) - Windows
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
Security update for chromium (moderate)
This update for Chromium to version 69.0.3497.92 fixes the following issues: Security issues fixed boo1108114: - Function signature mismatch in WebAssembly - URL Spoofing in Omnibox The following tracked packaging issues were fixed: - the chromium package incorrectly provied swiftshader resolvabl...
Security update for chromium (moderate)
This update for Chromium to version 69.0.3497.92 fixes the following issues: Security issues fixed boo1108114: - Function signature mismatch in WebAssembly - URL Spoofing in Omnibox The following tracked packaging issues were fixed: - the chromium package incorrectly provied swiftshader resolvabl...
Google Chrome < 69.0.3497.92 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 69.0.3497.92. It is, therefore, affected by multiple vulnerabilities as referenced in the 201809stable-channel-update-for-desktop11 advisory. - An improper update of the WebAssembly dispatch table in WebAssembly in Goog...
Stable Channel Update for Desktop
The stable channel has been updated to 69.0.3497.92 for Windows, Mac, and Linux, which will roll out over the coming days/weeks. Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictio...
CVE-2018-16768
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in IR::FunctionValidationContext::end...
CVE-2018-16770
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because a certain newallocator allocate call fails...
CVE-2018-16769
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because libRuntime.so!llvm::InstructionCombiningPass::runOnFunction is mishandled...
CVE-2018-16770
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because a certain newallocator allocate call fails...
Heap overflow
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in FunctionValidationContext::popAndValidateOperand...
Heap overflow
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in FunctionValidationContext::else...
CVE-2018-16765
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in FunctionValidationContext::else...