973 matches found
WebAssembly wabt 缓冲区错误漏洞
WebAssembly wabt is a WebAssembly binary toolkit open-sourced by WebAssembly. A buffer error vulnerability exists in WebAssembly wabt 1.0.39 and earlier versions, which originates from an out-of-bounds read in the wabt::Decompiler::VarName function in the wasm-decompile component file...
PT-2026-1026
Name of the Vulnerable Software and Affected Versions WebAssembly wabt versions up to 1.0.39 Description A memory corruption issue exists in WebAssembly wabt. The issue is related to the wabt::AST::InsertNode function within the /src/repro/wabt/bin/wasm-decompile file of the wasm-decompile...
PT-2026-1028
Name of the Vulnerable Software and Affected Versions WebAssembly wabt versions up to 1.0.39 Description A security issue exists in WebAssembly wabt, specifically within the wabt::Decompiler::VarName function located in the /src/repro/wabt/bin/wasm-decompile file of the wasm-decompile component...
Linux Distros Unpatched Vulnerability : CVE-2025-15411
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A weakness has been identified in WebAssembly wabt up to 1.0.39. This vulnerability affects the function wabt::AST::InsertNode of the file...
CVE-2025-14956 WebAssembly Binaryen wasm-binary.cpp readExport heap-based overflow
A vulnerability was determined in WebAssembly Binaryen up to 125. Affected by this issue is the function WasmBinaryReader::readExport of the file src/wasm/wasm-binary.cpp. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has...
CVE-2025-14956 WebAssembly Binaryen wasm-binary.cpp readExport heap-based overflow
A vulnerability was determined in WebAssembly Binaryen up to 125. Affected by this issue is the function WasmBinaryReader::readExport of the file src/wasm/wasm-binary.cpp. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has...
CVE-2025-14956
A vulnerability was determined in WebAssembly Binaryen up to 125. Affected by this issue is the function WasmBinaryReader::readExport of the file src/wasm/wasm-binary.cpp. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has...
Malicious Package
Overview wasm-bindgen is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in wasm-bindgen (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b3b2a3d6aa85e6e53ccd0463891b26156f77f3b75134166dbc68c14ec2c6bd2 The package wasm-bindgen was found to contain malicious code. Source: ghsa-malware a1de8824d178cfc9806b7413eeb3661781e7e278f0b877117bddb857bddb592b A...
EUVD-2025-202373
Malicious code in wasm-bindgen npm...
MAL-2025-192419 Malicious code in wasm-bindgen (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b3b2a3d6aa85e6e53ccd0463891b26156f77f3b75134166dbc68c14ec2c6bd2 The package wasm-bindgen was found to contain malicious code. Source: ghsa-malware a1de8824d178cfc9806b7413eeb3661781e7e278f0b877117bddb857bddb592b A...
RLSA-2023:5849 Important: nodejs:18 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 nodejs: integrity checks according t...
RockyLinux 9 : nodejs:18 (RLSA-2023:5849)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:5849 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 nodejs: integrity checks according to...
Malicious Package
Overview umap-wasm is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
Brave Desktop 1.85.111 Security Fixes
Improved IKEv2 VPN configuration parameters on Windows. - Enabled WASM Interpreter when JIT is disabled. Upgraded Chromium to 143.0.7499.40 — refer to Google Chrome advisories for inherited CVEs...
EUVD-2025-199931
Malicious code in umap-wasm npm...
Malicious code in umap-wasm (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 92fe0d08b117ec6e7dcd48b13025326c2f427f3251c624867c9f0d398bd2dab8 The package umap-wasm was found to contain malicious code. Source: ghsa-malware a8b9419bdb44fab11a3bade4b4831308972f0fc3acfd3472c362fe672339e8ab Any...
MAL-2025-191492 Malicious code in umap-wasm (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 92fe0d08b117ec6e7dcd48b13025326c2f427f3251c624867c9f0d398bd2dab8 The package umap-wasm was found to contain malicious code. Source: ghsa-malware a8b9419bdb44fab11a3bade4b4831308972f0fc3acfd3472c362fe672339e8ab Any...
CVE-2025-64713
WebAssembly Micro Runtime WAMR is a lightweight standalone WebAssembly Wasm runtime. Prior to version 2.4.4, an out-of-bounds array access issue exists in WAMR's fast interpreter mode during WASM bytecode loading. When framerefbottom and frameoffsetbottom arrays are at capacity and a GETGLOBALI32...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the preservelocalforblock function, when handling a sequence where a GETGLOBALI32 opcode is followed by an if opcode in fast interpreter mode. An attacker can cause out-of-bounds access to the frameoffsetbottom arr...