964 matches found
Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing
An out-of-bounds OOB write flaw was found in Apache Commons BCEL API. This flaw can be used to produce arbitrary bytecode and may abuse applications that pass attacker-controlled data to those APIs, giving the attacker more control over the resulting bytecode than otherwise expected...
CVE-2024-34251
An out-of-bound memory read vulnerability was discovered in Bytecode Alliance wasm-micro-runtime v2.0.0 which allows a remote attacker to cause a denial of service via the "blocktypegetarity" function in core/iwasm/interpreter/wasm.h...
CVE-2024-34250
A heap buffer overflow vulnerability was discovered in Bytecode Alliance wasm-micro-runtime v2.0.0 which allows a remote attacker to cause at least a denial of service via the "wasmloadercheckbr" function in core/iwasm/interpreter/wasmloader.c...
AZL-40433 CVE-2024-34250 affecting package fluent-bit for versions less than 2.2.3-1
A heap buffer overflow vulnerability was discovered in Bytecode Alliance wasm-micro-runtime v2.0.0 which allows a remote attacker to cause at least a denial of service via the "wasmloadercheckbr" function in core/iwasm/interpreter/wasmloader.c...
CVE-2024-34250
A heap buffer overflow vulnerability was discovered in Bytecode Alliance wasm-micro-runtime v2.0.0 which allows a remote attacker to cause at least a denial of service via the "wasmloadercheckbr" function in core/iwasm/interpreter/wasmloader.c...
CVE-2024-34251
An out-of-bound memory read vulnerability was discovered in Bytecode Alliance wasm-micro-runtime v2.0.0 which allows a remote attacker to cause a denial of service via the "blocktypegetarity" function in core/iwasm/interpreter/wasm.h...
CVE-2024-34250
A heap buffer overflow vulnerability was discovered in Bytecode Alliance wasm-micro-runtime v2.0.0 which allows a remote attacker to cause at least a denial of service via the "wasmloadercheckbr" function in core/iwasm/interpreter/wasmloader.c...
CVE-2024-34250
A heap buffer overflow vulnerability was discovered in Bytecode Alliance wasm-micro-runtime v2.0.0 which allows a remote attacker to cause at least a denial of service via the "wasmloadercheckbr" function in core/iwasm/interpreter/wasmloader.c...
CVE-2024-34251
The CVE-2024-34251 issue affects Bytecode Alliance wasm-micro-runtime: version 2.0.0 contains an out-of-bounds memory read in block_type_get_arity within core/iwasm/interpreter/wasm.h, exposing a remote attacker to cause a denial of service. Public advisories (including Red Hat/RH CVE entry and O...
CVE-2024-34250
CVE-2024-34250 : A heap buffer overflow was found in Bytecode Alliance’s wasm-micro-runtime v2.0.0, allowing a remote attacker to cause a denial of service via the function wasm_loader_check_br in core/iwasm/interpreter/wasm_loader.c. The vulnerability is described across multiple feeds (includin...
PT-2024-25770 · Bytecode Alliance +2 · Wasm-Micro-Runtime +2
Name of the Vulnerable Software and Affected Versions: Bytecode Alliance wasm-micro-runtime version 2.0.0 Description: An out-of-bound memory read issue was discovered, allowing a remote attacker to cause a denial of service via the block type get arity function in core/iwasm/interpreter/wasm.h...
New RedLine Stealer Variant Disguised as Game Cheats Using Lua Bytecode for Stealth
A new information stealer has been found leveraging Lua bytecode for added stealth and sophistication, findings from McAfee Labs reveal. The cybersecurity firm has assessed it to be a variant of a known malware called RedLine Stealer owing to the fact that the command-and-control C2 server IP...
Fedora: Security Advisory (FEDORA-2024-270cd506bb)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 40 Update: clojure-1.11.2-1.fc40
Clojure is a dynamic programming language that targets the Java Virtual Machine. It is designed to be a general-purpose language, combining the approachability and interactive development of a scripting language with an efficient and robust infrastructure for multithreaded programming. Clojure is...
Autodesk FBX Review Buffer Error Vulnerability
Autodesk FBX Review is a software application from the American company Autodesk, Inc. A lightweight, standalone software tool for fast, efficient viewing of 3D assets and animations. A buffer error vulnerability exists in Autodesk FBX Review 1.5.3.0 and prior versions, which stems from the...
MGASA-2024-0061 Updated java 1.8.0, 11 & latest packages fix security vulnerabilities
The updated packages fix security vulnerabilities: Array out-of-bounds access due to missing range check in C1 compiler. CVE-2024-20918 RSA padding issue and timing side-channel attack against TLS. CVE-2024-20952 Arbitrary Java code execution in Nashorn. CVE-2024-20926 JVM class file verifier fla...
Fedora: Security Advisory for maven-dependency-analyzer (FEDORA-2024-129d8ca6fc)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for enjarify (FEDORA-2024-129d8ca6fc)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for objectweb-asm (FEDORA-2024-129d8ca6fc)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for ecj (FEDORA-2024-129d8ca6fc)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...