CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2105 matches found

RedhatCVE•added 2025/05/23 3:29 a.m.•6 views

CVE-2023-26489

wasmtime is a fast and secure runtime for WebAssembly. In affected versions wasmtime's code generator, Cranelift, has a bug on x8664 targets where address-mode computation mistakenly would calculate a 35-bit effective address instead of WebAssembly's defined 33-bit effective address. This bug mea...

9.9CVSS9.6AI score0.01251EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 1:2 a.m.•9 views

CVE-2022-31104

Wasmtime is a standalone runtime for WebAssembly. In affected versions wasmtime's implementation of the SIMD proposal for WebAssembly on x8664 contained two distinct bugs in the instruction lowerings implemented in Cranelift. The aarch64 implementation of the simd proposal is not affected. The bu...

6.8CVSS7AI score0.01625EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 11:43 p.m.•5 views

CVE-2022-21685

Frontier is Substrate's Ethereum compatibility layer. Prior to commit number 8a93fdc6c9f4eb1d2f2a11b7ff1d12d70bf5a664, a bug in Frontier's MODEXP precompile implementation can cause an integer underflow in certain conditions. This will cause a node crash for debug builds. For release builds and...

6.5CVSS6.7AI score0.01331EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 10:5 p.m.•8 views

CVE-2022-39392

Wasmtime is a standalone runtime for WebAssembly. Prior to version 2.0.2, there is a bug in Wasmtime's implementation of its pooling instance allocator when the allocator is configured to give WebAssembly instances a maximum of zero pages of memory. In this configuration, the virtual memory mappi...

7.4CVSS6.6AI score0.00577EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 5:30 p.m.•4 views

CVE-2020-6103

An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.dll 26.20.15019.19000. An attacker can provide a a specially crafted shader file to trigger this vulnerability, resulting in code execution. This vulnerability can be triggered...

9.9CVSS7.9AI score0.02781EPSS

Exploits1References1

RedhatCVE•added 2025/05/17 5:59 p.m.•184 views

CVE-2025-43853

The WebAssembly Micro Runtime's WAMR iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface WASI and command line interface. Anyone running WAMR up to and including version 2.2.0 or WAMR built with libc-uvwasi on Windows is affected by a symlink...

7CVSS6.9AI score0.0024EPSS

Exploits1References1

NVD•added 2025/05/15 6:15 p.m.•11 views

CVE-2025-43853

7CVSS0.0024EPSS

Exploits1References2

CVE•added 2025/05/15 5:13 p.m.•44 views

CVE-2025-43853

CVE-2025-43853 concerns the WebAssembly Micro Runtime (WAMR) iwasm binary, including builds with WASI support. A symlink-following vulnerability affects WAMR up to and including version 2.2.0 (and WAMR builds on Windows using libc-uvwasi), where creating a symlink outside the preopened sandbox an...

7CVSS6.5AI score0.0024EPSS

Exploits1References2Affected Software1

OSV•added 2025/05/15 5:13 p.m.•5 views

CVE-2025-43853 iwasm vulnerable to filesystem sandbox escape with symlink when using uvwasi feature

7CVSS6.7AI score0.0024EPSS

Exploits1References4

CNNVD•added 2025/05/15 12:0 a.m.•3 views

WebAssembly Micro Runtime 安全漏洞

WebAssembly Micro Runtime WAMR is a lightweight, standalone WebAssembly runtime open-sourced by the Bytecode Alliance. With a small footprint, high performance, and highly configurable features for applications ranging from embedded, IoT, and edge to Trusted Execution Environments TEEs, smart...

7CVSS6.4AI score0.0024EPSS

Exploits1References2

Akamai Blog•added 2025/05/11 10:20 a.m.•6 views

WebAssembly Jobs and CronJobs in Kubernetes with SpinKube & the Spin Command Trigger

Learn how to run WebAssembly workloads as Kubernetes Jobs and CronJobs using SpinKube and the Spin command trigger...

5.8AI score

Exploits0

OSV•added 2025/05/07 7:11 p.m.•3 views

RLSA-2024:5391 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: Firefox: 115.14/128.1 ESR mozilla: Fullscreen notification dialog can be obscured by document content CVE-2024-7518 mozilla: Out of bounds memory access in graphics shar...

9.6CVSS8.2AI score0.00602EPSS

Exploits0References1

Fedora•added 2025/04/15 6:3 p.m.•9 views

[SECURITY] Fedora 42 Update: trunk-0.21.13-1.fc42

Build, bundle & ship your Rust WASM application to the web...

3.7CVSS6.9AI score0.00426EPSS

Exploits0

PyPA•added 2025/04/02 10:15 p.m.•6 views

PYSEC-2025-229

A vulnerability classified as problematic was found in WebAssembly wabt 1.0.36. Affected by this vulnerability is the function BinaryReaderInterp::BeginFunctionBody of the file src/interp/binary-reader-interp.cc. The manipulation leads to null pointer dereference. The attack can be launched...

5.3CVSS4.3AI score0.00527EPSS

Exploits1References5Affected Software1

NVD•added 2025/04/02 10:15 p.m.•19 views

CVE-2025-3122

5.3CVSS0.00527EPSS

Exploits1References5

OSV•added 2025/04/02 10:15 p.m.•9 views

CVE-2025-3122

5.3CVSS7.1AI score

Exploits0References5

OSV•added 2025/04/02 10:15 p.m.•4 views

DEBIAN-CVE-2025-3122