91 matches found
CVE-2024-34250
A heap buffer overflow vulnerability was discovered in Bytecode Alliance wasm-micro-runtime v2.0.0 which allows a remote attacker to cause at least a denial of service via the "wasmloadercheckbr" function in core/iwasm/interpreter/wasmloader.c...
CVE-2025-64713
WebAssembly Micro Runtime WAMR is a lightweight standalone WebAssembly Wasm runtime. Prior to version 2.4.4, an out-of-bounds array access issue exists in WAMR's fast interpreter mode during WASM bytecode loading. When framerefbottom and frameoffsetbottom arrays are at capacity and a GETGLOBALI32...
WebAssembly Micro Runtime frame_offset_bottom array bounds overflow in fast Interpreter mode when handling GET_GLOBAL(I32) followed by if opcode
...
CVE-2025-64713
WebAssembly Micro Runtime WAMR is a lightweight standalone WebAssembly Wasm runtime. Prior to version 2.4.4, an out-of-bounds array access issue exists in WAMR's fast interpreter mode during WASM bytecode loading. When framerefbottom and frameoffsetbottom arrays are at capacity and a GETGLOBALI32...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the preservelocalforblock function, when handling a sequence where a GETGLOBALI32 opcode is followed by an if opcode in fast interpreter mode. An attacker can cause out-of-bounds access to the frameoffsetbottom arr...
CVE-2025-64713 WebAssembly Micro Runtime frame_offset_bottom array bounds overflow in fast Interpreter mode when handling GET_GLOBAL(I32) followed by if opcode
WebAssembly Micro Runtime WAMR is a lightweight standalone WebAssembly Wasm runtime. Prior to version 2.4.4, an out-of-bounds array access issue exists in WAMR's fast interpreter mode during WASM bytecode loading. When framerefbottom and frameoffsetbottom arrays are at capacity and a GETGLOBALI32...
CVE-2025-64713 WebAssembly Micro Runtime frame_offset_bottom array bounds overflow in fast Interpreter mode when handling GET_GLOBAL(I32) followed by if opcode
WebAssembly Micro Runtime WAMR is a lightweight standalone WebAssembly Wasm runtime. Prior to version 2.4.4, an out-of-bounds array access issue exists in WAMR's fast interpreter mode during WASM bytecode loading. When framerefbottom and frameoffsetbottom arrays are at capacity and a GETGLOBALI32...
CVE-2025-64713
CVE-2025-64713 affects WebAssembly Micro Runtime (WAMR). In fast interpreter mode prior to version 2.4.4, an out-of-bounds access can occur during WASM bytecode loading when frame_ref_bottom and frame_offset_bottom arrays are at capacity, a GET_GLOBAL(I32) opcode expands frame_ref_bottom but not ...
CVE-2025-64704 WebAssembly Micro Runtime vulnerable to a segmentation fault in v128.store instruction
WebAssembly Micro Runtime WAMR is a lightweight standalone WebAssembly Wasm runtime. Prior to version 2.4.4, WAMR is susceptible to a segmentation fault in v128.store instruction. This issue has been patched in version 2.4.4...
CVE-2025-64704
The CVE-2025-64704 affects the WebAssembly Micro Runtime (WAMR) prior to version 2.4.4. The root cause is a segmentation fault in the v128.store instruction, leading to potential crashes or disruption of execution when processing Wasm code. The issue has been patched in WAMR 2.4.4, so upgrading t...
CVE-2025-64704 WebAssembly Micro Runtime vulnerable to a segmentation fault in v128.store instruction
WebAssembly Micro Runtime WAMR is a lightweight standalone WebAssembly Wasm runtime. Prior to version 2.4.4, WAMR is susceptible to a segmentation fault in v128.store instruction. This issue has been patched in version 2.4.4...
EUVD-2025-199656
WebAssembly Micro Runtime WAMR is a lightweight standalone WebAssembly Wasm runtime. Prior to version 2.4.4, WAMR is susceptible to a segmentation fault in v128.store instruction. This issue has been patched in version 2.4.4...
PT-2025-48091
Name of the Vulnerable Software and Affected Versions WebAssembly Micro Runtime WAMR versions prior to 2.4.4 Description WebAssembly Micro Runtime WAMR is a lightweight standalone WebAssembly Wasm runtime. Versions prior to 2.4.4 are susceptible to a segmentation fault in the v128.store...
WebAssembly Micro Runtime 代码问题漏洞
WebAssembly Micro Runtime WAMR is a lightweight, standalone WebAssembly runtime open-sourced by the Bytecode Alliance. With a small footprint, high performance, and highly configurable features for applications ranging from embedded, IoT, and edge to Trusted Execution Environments TEEs, smart...
WebAssembly Micro Runtime 缓冲区错误漏洞
WebAssembly Micro Runtime WAMR is a lightweight, standalone WebAssembly runtime open-sourced by the Bytecode Alliance. With a small footprint, high performance, and highly configurable features for applications ranging from embedded, IoT, and edge to Trusted Execution Environments TEEs, smart...
EUVD-2025-23050
Malicious code in bioql PyPI...
EUVD-2025-29631
Malicious code in bioql PyPI...
EUVD-2023-52186
Malicious code in bioql PyPI...
Untrusted Pointer Dereference
Overview Affected versions of this package are vulnerable to Untrusted Pointer Dereference in the memory.fill process when the first operand memory address pointer is greater than or equal to 2147483648 bytes in LLVM-JIT mode. An attacker can cause the runtime to hang or crash by executing a...
CVE-2025-58749 WAMR runtime hangs or crashes with large memory.fill addresses in LLVM-JIT mode
WebAssembly Micro Runtime WAMR is a lightweight standalone WebAssembly Wasm runtime. In WAMR versions prior to 2.4.2, when running in LLVM-JIT mode, the runtime cannot exit normally when executing WebAssembly programs containing a memory.fill instruction where the first operand memory address...