6 matches found
EUVD-2026-20988
Wasmtime: Heap OOB read in component model UTF-16 to latin1+utf16 string transcoding...
CVE-2026-34941
Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime contains a vulnerability where when transcoding a UTF-16 string to the latin1+utf16 component-model encoding it would incorrectly validate the byte length of the input string when performing a bounds chec...
CVE-2026-34941 Wasmtime has a Heap OOB read in component model UTF-16 to latin1+utf16 string transcoding
Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime contains a vulnerability where when transcoding a UTF-16 string to the latin1+utf16 component-model encoding it would incorrectly validate the byte length of the input string when performing a bounds chec...
Heap OOB read in component model UTF-16 to latin1+utf16 string transcoding
This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-hx6p-xpx3-jvvv For more information see the GitHub-hosted security advisory...
GSS-NTLMSSP vulnerable to memory corruption when decoding UTF16 strings
...
SUSE CVE-2005-4080
Horde IMP 4.0.4 and earlier does not sanitize strings containing UTF16 null characters, which allows remote attackers to conduct cross-site scripting XSS attacks via UTF16 encoded attachments and strings that will be executed when viewed using Internet Explorer, which ignores the characters...