Lucene search
+L

51 matches found

nvd
nvd
added 4 days ago8 views

CVE-2026-10663

In Zephyr's experimental USB host stack CONFIGUSBHOSTSTACK, usbhdevicedisconnect subsys/usb/host/usbhdevice.c freed the root usbdevice slab object without clearing the cached pointer ctx-root. The bus removal handler devremovedhandler subsys/usb/host/usbhcore.c decides what to tear down solely fr...

6.1CVSS0.00159EPSS
Exploits0References2
vulnrichment
vulnrichment
added 4 days ago5 views

CVE-2026-10663 Use-after-free / double-free of the root USB device in the experimental USB host stack

In Zephyr's experimental USB host stack CONFIGUSBHOSTSTACK, usbhdevicedisconnect subsys/usb/host/usbhdevice.c freed the root usbdevice slab object without clearing the cached pointer ctx-root. The bus removal handler devremovedhandler subsys/usb/host/usbhcore.c decides what to tear down solely fr...

6.1CVSS6.1AI score0.00159EPSS
Exploits0References2
cve
cve
added 4 days ago15 views

CVE-2026-10663

The vulnerability CVE-2026-10663 affects Zephyr’s experimental USB host stack (CONFIG_USB_HOST_STACK). freed root usb_device slab in usbh_device_disconnect() leaves ctx->root dangling; bus removal handler dev_removed_handler() uses ctx->root to decide teardown. Synthesis of DEV_REMOVED even...

6.1CVSS6.1AI score0.00159EPSS
Exploits0References2
susecve
susecve
added 2026/04/13 11:26 p.m.9 views

SUSE CVE-2026-34945

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a bug where a 64-bit table, part of the memory64 proposal of WebAssembly, incorrectly translated the table.size instruction. This bug could lead to disclosing data on the...

6.3CVSS5.8AI score0.00324EPSS
Exploits0References3
redhatcve
redhatcve
added 2026/04/09 11:4 p.m.6 views

CVE-2026-34945

A flaw was found in Wasmtime's Winch compiler. This vulnerability, present in versions from 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, arises from an incorrect translation of the table.size instruction for 64-bit WebAssembly tables. An attacker, by crafting a malicious WebAssembly guest, could...

6.5CVSS5.8AI score0.00324EPSS
Exploits0References4
euvd
euvd
added 2026/04/09 8:23 p.m.8 views

EUVD-2026-21024

Wasmtime has host data leakage with 64-bit tables and Winch...

2.3CVSS5.9AI score0.00324EPSS
Exploits0References1
osv
osv
added 2026/04/09 8:23 p.m.5 views

GHSA-M9W2-8782-2946 Wasmtime has host data leakage with 64-bit tables and Winch

Impact Wasmtime's Winch compiler contains a bug where a 64-bit table, part of the memory64 proposal of WebAssembly, incorrectly translated the table.size instruction. This bug could lead to disclosing data on the host's stack to WebAssembly guests. The host's stack can possibly contain sensitive...

6.5CVSS5.8AI score0.00324EPSS
Exploits0References4
nvd
nvd
added 2026/04/09 7:16 p.m.7 views

CVE-2026-34945

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a bug where a 64-bit table, part of the memory64 proposal of WebAssembly, incorrectly translated the table.size instruction. This bug could lead to disclosing data on the...

6.5CVSS0.00324EPSS
Exploits0References1
osv
osv
added 2026/04/09 7:16 p.m.4 views

DEBIAN-CVE-2026-34945

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a bug where a 64-bit table, part of the memory64 proposal of WebAssembly, incorrectly translated the table.size instruction. This bug could lead to disclosing data on the...

6.5CVSS5.5AI score0.00324EPSS
Exploits0References1
ubuntucve
ubuntucve
added 2026/04/09 7:16 p.m.6 views

CVE-2026-34945

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a bug where a 64-bit table, part of the memory64 proposal of WebAssembly, incorrectly translated the table.size instruction. This bug could lead to disclosing data on the...

6.5CVSS5.8AI score0.00324EPSS
Exploits0References2
osv
osv
added 2026/04/09 7:16 p.m.5 views

UBUNTU-CVE-2026-34945

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a bug where a 64-bit table, part of the memory64 proposal of WebAssembly, incorrectly translated the table.size instruction. This bug could lead to disclosing data on the...

6.5CVSS5.8AI score0.00324EPSS
Exploits0References3
cvelist
cvelist
added 2026/04/09 6:40 p.m.22 views

CVE-2026-34945 Wasmtime leaks host data with 64-bit tables and Winch

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a bug where a 64-bit table, part of the memory64 proposal of WebAssembly, incorrectly translated the table.size instruction. This bug could lead to disclosing data on the...

2.3CVSS0.00324EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/04/09 6:40 p.m.7 views

CVE-2026-34945

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a bug where a 64-bit table, part of the memory64 proposal of WebAssembly, incorrectly translated the table.size instruction. This bug could lead to disclosing data on the...

2.3CVSS5.9AI score0.00324EPSS
Exploits0References2Affected Software1
osv
osv
added 2026/04/09 6:40 p.m.1 views

CVE-2026-34945 Wasmtime leaks host data with 64-bit tables and Winch

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a bug where a 64-bit table, part of the memory64 proposal of WebAssembly, incorrectly translated the table.size instruction. This bug could lead to disclosing data on the...

2.3CVSS5.9AI score0.00324EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/04/09 12:0 a.m.5 views

PT-2026-31686

Name of the Vulnerable Software and Affected Versions Wasmtime versions 25.0.0 through 36.0.6, 42.0.2, and 43.0.1 Description Wasmtime's Winch compiler has a flaw in how it handles the table.size instruction with 64-bit tables, part of the WebAssembly memory64 proposal. This can lead to the...

6.5CVSS5.7AI score0.00324EPSS
Exploits0References16
nessus
nessus
added 2026/04/09 12:0 a.m.16 views

Linux Distros Unpatched Vulnerability : CVE-2026-34945

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a bug where a 64-bit table, part of...

6.5CVSS5.5AI score0.00324EPSS
Exploits0References4
cnnvd
cnnvd
added 2025/12/27 12:0 a.m.5 views

Espressif IoT Development Framework 缓冲区错误漏洞

Espressif IoT Development Framework is an open source IoT development framework from Espressif Systems. A buffer error vulnerability exists in the Espressif IoT Development Framework versions 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6, and prior versions, which originates in the Bluetooth host stack in th...

8.6CVSS6.8AI score0.00377EPSS
Exploits0References9
cvelist
cvelist
added 2025/12/26 11:54 p.m.25 views

CVE-2025-68473 ESF-IDF Has Out-of-Bounds Read in ESP32 Bluetooth SDP Result Handling

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6, and earlier, in the ESP-IDF Bluetooth host stack BlueDroid, the function btadmsdpresult used a fixed-size array uuidlist32MAXUUIDSIZE to store discovered service UUIDs during the...

0.00377EPSS
Exploits0References8
redhatcve
redhatcve
added 2025/12/16 7:48 p.m.4 views

CVE-2025-12035

An integer overflow condition exists in Bluetooth Host stack, within the btbraclrecv routine a critical path for processing inbound BR/EDR L2CAP traffic...

6.5CVSS7.2AI score0.00188EPSS
Exploits0References1
nvd
nvd
added 2025/12/15 8:15 p.m.27 views

CVE-2025-12035

An integer overflow condition exists in Bluetooth Host stack, within the btbraclrecv routine a critical path for processing inbound BR/EDR L2CAP traffic...

6.5CVSS0.00188EPSS
Exploits0References1
Rows per page
Query Builder