2109 matches found
Heap overflow
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in FunctionValidationContext::else...
CVE-2018-16766
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because Errors::unreachable is reached...
Code injection
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because a certain newallocator allocate call fails...
CVE-2018-16765
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in FunctionValidationContext::else...
CVE-2018-16766
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because Errors::unreachable is reached...
CVE-2018-16764
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because of an IR::FunctionValidationContext::catchall heap-based buffer over-read...
CVE-2018-16766
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because Errors::unreachable is reached...
CVE-2018-16766
WAVM (WebAssembly Virtual Machine) is affected by CVE-2018-16766. A crafted file can trigger Errors::unreachable(), potentially causing a denial of service (application crash) or other unspecified impact. The CVSS data (3.0) indicates a network-based, low-attack-vector issue with no privileges re...
CVE-2018-16767
CVE-2018-16767 affects WAVM (WebAssembly Virtual Machine). A crafted file sent to WAVM may trigger a heap-buffer-overflow in FunctionValidationContext::popAndValidateOperand, causing denial of service (application crash) and possibly other impact for WAVM versions up to and including 2018-07-26. ...
CVE-2018-16765
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in FunctionValidationContext::else...
CVE-2018-16769
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because libRuntime.so!llvm::InstructionCombiningPass::runOnFunction is mishandled...
WAVM Denial of Service Vulnerability
WAVM is the WebAssembly Virtual Machine. A denial-of-service vulnerability exists in WAVM 2018-07-26 and prior versions, which can be exploited by an attacker to cause a denial of service application crash by sending a specially crafted file...
WAVM Buffer Overflow Vulnerability (CNVD-2019-09774)
WAVM is the WebAssembly Virtual Machine. A heap buffer overflow vulnerability exists in FunctionValidationContext::else in WAVM 2018-07-26 and earlier versions, which can be exploited by an attacker to cause a denial of service application crash by sending a specially crafted file...
WAVM Denial of Service Vulnerability (CNVD-2019-09772)
WAVM is the WebAssembly Virtual Machine. A denial-of-service vulnerability exists in WAVM 2018-07-26 and earlier versions, which stems from a failure of a certain newallocator allocation call and can be exploited by an attacker to cause a denial of service application crash by sending a specially...
WAVM Buffer Overflow Vulnerability (CNVD-2019-09770)
WAVM is the WebAssembly Virtual Machine. A heap buffer overflow vulnerability exists in IR::FunctionValidationContext::end in WAVM 2018-07-26 and earlier versions, which can be exploited by an attacker to cause a denial of service application crash by sending a specially crafted file...
WAVM Denial of Service Vulnerability (CNVD-2019-09771)
WAVM is the WebAssembly Virtual Machine. A denial of service vulnerability exists in WAVM 2018-07-26 and earlier versions, which stems from the program failing to properly handle the 'libRuntime.so!llvm::InstructionCombiningPass::runOnFunction' function. An attacker can cause a denial of service...
WAVM Buffer Overflow Vulnerability
WAVM is the WebAssembly Virtual Machine. A buffer overflow vulnerability exists in the 'FunctionValidationContext::popAndValidateOperand' function in WAVM 2018-07-26 and earlier versions, which can be exploited by an attacker by sending a specially crafted file to WAVM This can be exploited to...
WAVM Buffer Over-Read Vulnerability
WAVM is the WebAssembly Virtual Machine. A heap buffer over-read vulnerability exists in IR::FunctionValidationContext::catchall in WAVM 2018-07-26 and earlier versions, which can be exploited by an attacker to cause a denial of service application crash by sending a specially crafted file...
Google Chrome V8 Type Obfuscation Vulnerability (CNVD-2018-22402)
Google Chrome is the United States Google Google company developed a Web browser. v8 is one of the open source JavaScript engine. A type obfuscation vulnerability exists in WebAssembly of V8 in versions prior to Google Chrome 63.0.3239.84. A remote attacker can exploit this vulnerability to cause...
CVE-2017-15429
Inappropriate implementation in V8 WebAssembly JS bindings in Google Chrome prior to 63.0.3239.108 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page...