Lucene search
K

45 matches found

Vulnrichment
Vulnrichment
added 2025/07/29 9:52 p.m.3 views

CVE-2025-54126 WebAssembly Micro Runtime's `--addr-pool` option allows all IPv4 addresses when subnet mask is not specified

The WebAssembly Micro Runtime's WAMR iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface WASI and command line interface. In versions 2.4.0 and below, iwasm uses --addr-pool with an IPv4 address that lacks a subnet mask, allowing the system to...

6.9CVSS6.3AI score0.0061EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/07/29 9:52 p.m.65 views

CVE-2025-54126 WebAssembly Micro Runtime's `--addr-pool` option allows all IPv4 addresses when subnet mask is not specified

The WebAssembly Micro Runtime's WAMR iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface WASI and command line interface. In versions 2.4.0 and below, iwasm uses --addr-pool with an IPv4 address that lacks a subnet mask, allowing the system to...

6.9CVSS0.0061EPSS
Exploits1References3
CVE
CVE
added 2025/07/29 9:52 p.m.25 views

CVE-2025-54126

The CVE-2025-54126 entry concerns WebAssembly Micro Runtime (WAMR) iwasm binary; versions 2.4.0 and earlier use --addr-pool with an IPv4 address lacking a subnet mask, allowing acceptance of all IPs and potentially bypassing access restrictions. This exposes services to all external connections a...

6.9CVSS7.1AI score0.0061EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2025/07/29 12:0 a.m.8 views

PT-2025-31268 · Iwasm +1 · Iwasm +1

Name of the Vulnerable Software and Affected Versions: WebAssembly Micro Runtime WAMR iwasm versions 2.4.0 and below Description: The iwasm package uses the --addr-pool option with an IPv4 address lacking a subnet mask. This configuration allows the system to accept all IP addresses, potentially...

6.9CVSS6.3AI score0.0061EPSS
Exploits1References7
CNNVD
CNNVD
added 2025/07/29 12:0 a.m.5 views

WebAssembly Micro Runtime 安全漏洞

WebAssembly Micro Runtime WAMR is a lightweight, standalone WebAssembly runtime open-sourced by the Bytecode Alliance. With a small footprint, high performance, and highly configurable features for applications ranging from embedded, IoT, and edge to Trusted Execution Environments TEEs, smart...

6.9CVSS6.4AI score0.0061EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/17 5:59 p.m.260 views

CVE-2025-43853

The WebAssembly Micro Runtime's WAMR iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface WASI and command line interface. Anyone running WAMR up to and including version 2.2.0 or WAMR built with libc-uvwasi on Windows is affected by a symlink...

7CVSS6.9AI score0.0024EPSS
Exploits1References1
NVD
NVD
added 2025/05/15 6:15 p.m.15 views

CVE-2025-43853

The WebAssembly Micro Runtime's WAMR iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface WASI and command line interface. Anyone running WAMR up to and including version 2.2.0 or WAMR built with libc-uvwasi on Windows is affected by a symlink...

7CVSS0.0024EPSS
Exploits1References2
CVE
CVE
added 2025/05/15 5:13 p.m.53 views

CVE-2025-43853

CVE-2025-43853 concerns the WebAssembly Micro Runtime (WAMR) iwasm binary, including builds with WASI support. A symlink-following vulnerability affects WAMR up to and including version 2.2.0 (and WAMR builds on Windows using libc-uvwasi), where creating a symlink outside the preopened sandbox an...

7CVSS6.5AI score0.0024EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2025/05/15 5:13 p.m.6 views

CVE-2025-43853 iwasm vulnerable to filesystem sandbox escape with symlink when using uvwasi feature

The WebAssembly Micro Runtime's WAMR iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface WASI and command line interface. Anyone running WAMR up to and including version 2.2.0 or WAMR built with libc-uvwasi on Windows is affected by a symlink...

7CVSS6.7AI score0.0024EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/05/15 12:0 a.m.3 views

WebAssembly Micro Runtime 安全漏洞

WebAssembly Micro Runtime WAMR is a lightweight, standalone WebAssembly runtime open-sourced by the Bytecode Alliance. With a small footprint, high performance, and highly configurable features for applications ranging from embedded, IoT, and edge to Trusted Execution Environments TEEs, smart...

7CVSS6.4AI score0.0024EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2025/03/17 12:0 a.m.48 views

The vulnerability of the `block_type_get_arity` function in the `core/iwasm/interpreter/wasm.h` file in the execution environment for WebAssembly applications, such as WebAssembly Micro Runtime (WAMR), allows a malicious actor to cause a service failure.

The vulnerability of the blocktypegetarity function in the core/iwasm/interpreter/wasm.h file, within the WebAssembly environment for WebAssembly Micro Runtime applications WAMR, involves reading beyond the permitted range of memory. Exploiting this vulnerability could allow a malicious actor to...

7.8CVSS7.2AI score0.00758EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2024/11/08 10:15 p.m.6 views

AZL-52586 CVE-2024-27532 affecting package fluent-bit for versions less than 3.1.9-2

wasm-micro-runtime aka WebAssembly Micro Runtime or WAMR 06df58f is vulnerable to NULL Pointer Dereference in function blocktypegetresulttypes...

7.5CVSS5.7AI score0.00493EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/11/08 12:0 a.m.13 views

CVE-2024-27532

wasm-micro-runtime aka WebAssembly Micro Runtime or WAMR 06df58f is vulnerable to NULL Pointer Dereference in function blocktypegetresulttypes...

6.9AI score0.00493EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/11/08 12:0 a.m.6 views

WebAssembly Micro Runtime 安全漏洞

WebAssembly Micro Runtime WAMR is a lightweight, standalone WebAssembly runtime open-sourced by the Bytecode Alliance. With a small footprint, high performance, and highly configurable features for applications ranging from embedded, IoT, and edge to Trusted Execution Environments TEEs, smart...

8.8CVSS6.8AI score0.00634EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/11/08 12:0 a.m.5 views

PT-2024-21938 · Unknown · Wasm-Micro-Runtime

Name of the Vulnerable Software and Affected Versions: wasm-micro-runtime aka WebAssembly Micro Runtime or WAMR version 06df58f Description: The issue is related to a NULL Pointer Dereference in the function block type get result types. This indicates a problem where the code attempts to access...

7.5CVSS7.9AI score0.00493EPSS
Exploits1References8
CNNVD
CNNVD
added 2024/11/08 12:0 a.m.5 views

WebAssembly Micro Runtime 安全漏洞

WebAssembly Micro Runtime WAMR is a lightweight, standalone WebAssembly runtime open-sourced by the Bytecode Alliance. With a small footprint, high performance, and highly configurable features for applications ranging from embedded, IoT, and edge to Trusted Execution Environments TEEs, smart...

7.5CVSS6.5AI score0.00493EPSS
Exploits1References2
OSV
OSV
added 2024/11/08 12:0 a.m.3 views

CVE-2024-27532

wasm-micro-runtime aka WebAssembly Micro Runtime or WAMR 06df58f is vulnerable to NULL Pointer Dereference in function blocktypegetresulttypes...

7.5CVSS7AI score0.00493EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/11/08 12:0 a.m.27 views

CVE-2024-27532

wasm-micro-runtime aka WebAssembly Micro Runtime or WAMR 06df58f is vulnerable to NULL Pointer Dereference in function blocktypegetresulttypes...

0.00493EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/05/06 12:0 a.m.5 views

WebAssembly Micro Runtime 安全漏洞

WebAssembly Micro Runtime WAMR is a lightweight, standalone WebAssembly runtime open-sourced by the Bytecode Alliance. With a small footprint, high performance, and highly configurable features for applications ranging from embedded, IoT, and edge to Trusted Execution Environments TEEs, smart...

6.2CVSS7.3AI score0.00332EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/05/06 12:0 a.m.5 views

WebAssembly Micro Runtime 安全漏洞

WebAssembly Micro Runtime WAMR is a lightweight, standalone WebAssembly runtime open-sourced by the Bytecode Alliance. With a small footprint, high performance, and highly configurable features for applications ranging from embedded, IoT, and edge to Trusted Execution Environments TEEs, smart...

7.5CVSS7.3AI score0.00758EPSS
Exploits1References2
Rows per page
Query Builder