2105 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-7521
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incomplete WebAssembly exception handing could have led to a use-after-free. This vulnerability affects Firefox 129, Firefox ESR 115.14, Firefox ESR 128.1,...
Linux Distros Unpatched Vulnerability : CVE-2025-53901
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wasmtime is a runtime for WebAssembly. Prior to versions 24.0.4, 33.0.2, and 34.0.2, a bug in Wasmtime's implementation of the WASIp1 set of import functions ca...
Linux Distros Unpatched Vulnerability : CVE-2018-5094
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap buffer overflow vulnerability may occur in WebAssembly when shrinkElements is called followed by garbage collection on memory that is now uninitialized...
Linux Distros Unpatched Vulnerability : CVE-2023-4046
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect compilation and a potentially...
Linux Distros Unpatched Vulnerability : CVE-2024-3856
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free could occur during WASM execution if garbage collection ran during the creation of an array. This vulnerability affects Firefox 125...
Important: thunderbird
Issue Overview: On 64-bit platforms IonMonkey-JIT only wrote 32 bits of the 64-bit return value space on the stack. Baseline-JIT, however, read the entire 64 bits. This vulnerability affects Firefox 141, Firefox ESR 115.26, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.1...
Linux Distros Unpatched Vulnerability : CVE-2022-39392
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wasmtime is a standalone runtime for WebAssembly. Prior to version 2.0.2, there is a bug in Wasmtime's implementation of its pooling instance allocator when the...
Traefik 安全漏洞
Traefik is an open source reverse proxy and load balancing tool from Traefik Open Source. A security vulnerability exists in Traefik versions 2.11.27 and earlier, 3.0.0 through 3.4.4, and 3.5.0-rc1, which stems from a path traversal in the WASM plugin installation mechanism that could lead to...
CVE-2025-54126
The WebAssembly Micro Runtime's WAMR iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface WASI and command line interface. In versions 2.4.0 and below, iwasm uses --addr-pool with an IPv4 address that lacks a subnet mask, allowing the system to...
firefox: thunderbird: Large branch table could lead to truncated instruction
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: On arm64, a WASM brtable instruction with a large number of entries could lead to the label being too far from the instruction, causing truncation and incorrect computation of th...
firefox: thunderbird: Large branch table could lead to truncated instruction
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: On arm64, a WASM brtable instruction with a large number of entries could lead to the label being too far from the instruction, causing truncation and incorrect computation of th...
firefox: thunderbird: Large branch table could lead to truncated instruction
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: On arm64, a WASM brtable instruction with a large number of entries could lead to the label being too far from the instruction, causing truncation and incorrect computation of th...
CVE-2025-54126
The WebAssembly Micro Runtime's WAMR iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface WASI and command line interface. In versions 2.4.0 and below, iwasm uses --addr-pool with an IPv4 address that lacks a subnet mask, allowing the system to...
CVE-2025-54126
The WebAssembly Micro Runtime's WAMR iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface WASI and command line interface. In versions 2.4.0 and below, iwasm uses --addr-pool with an IPv4 address that lacks a subnet mask, allowing the system to...
CVE-2025-54126 WebAssembly Micro Runtime's `--addr-pool` option allows all IPv4 addresses when subnet mask is not specified
The WebAssembly Micro Runtime's WAMR iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface WASI and command line interface. In versions 2.4.0 and below, iwasm uses --addr-pool with an IPv4 address that lacks a subnet mask, allowing the system to...
CVE-2025-54126 WebAssembly Micro Runtime's `--addr-pool` option allows all IPv4 addresses when subnet mask is not specified
The WebAssembly Micro Runtime's WAMR iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface WASI and command line interface. In versions 2.4.0 and below, iwasm uses --addr-pool with an IPv4 address that lacks a subnet mask, allowing the system to...
CVE-2025-54126
The CVE-2025-54126 entry concerns WebAssembly Micro Runtime (WAMR) iwasm binary; versions 2.4.0 and earlier use --addr-pool with an IPv4 address lacking a subnet mask, allowing acceptance of all IPs and potentially bypassing access restrictions. This exposes services to all external connections a...
firefox: thunderbird: Large branch table could lead to truncated instruction
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: On arm64, a WASM brtable instruction with a large number of entries could lead to the label being too far from the instruction, causing truncation and incorrect computation of th...
firefox: thunderbird: Large branch table could lead to truncated instruction
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: On arm64, a WASM brtable instruction with a large number of entries could lead to the label being too far from the instruction, causing truncation and incorrect computation of th...
WebAssembly Micro Runtime 安全漏洞
WebAssembly Micro Runtime WAMR is a lightweight, standalone WebAssembly runtime open-sourced by the Bytecode Alliance. With a small footprint, high performance, and highly configurable features for applications ranging from embedded, IoT, and edge to Trusted Execution Environments TEEs, smart...