Linux Distros Unpatched Vulnerability : CVE-2023-46331

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebAssembly wabt 1.0.33 has an Out-of-Bound Memory Read in in DataSegment::IsValidRange, which lead to segmentation fault. CVE-2023-46331 Note that Nessus relie...

Linux Distros Unpatched Vulnerability : CVE-2023-27115

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebAssembly v1.0.29 was discovered to contain a segmentation fault via the component wabt::catcomputesize. CVE-2023-27115 Note that Nessus relies on the presenc...

The WASM Cloak: Evaluating Browser Fingerprinting Defenses under WebAssembly Based Obfuscation

Browser fingerprinting defenses have historically focused on detecting JavaScriptJS-based tracking techniques. However, the widespread adoption of WebAssembly WASM introduces a potential blind spot, as adversaries can convert JS to WASM's low-level binary format to obfuscate malicious logic. This...

Linux Distros Unpatched Vulnerability : CVE-2023-46332

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebAssembly wabt 1.0.33 contains an Out-of-Bound Memory Write in DataSegment::Drop, which lead to segmentation fault. CVE-2023-46332 Note that Nessus relies on...

Linux Distros Unpatched Vulnerability : CVE-2018-11378

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The wasmdis function in libr/asm/arch/wasm/wasm.c in or possibly have unspecified other impact via a crafted WASM file. CVE-2018-11378 Note that Nessus relies o...

Linux Distros Unpatched Vulnerability : CVE-2023-27117

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebAssembly v1.0.29 was discovered to contain a heap overflow via the component component wabt::Node::operator. CVE-2023-27117 Note that Nessus relies on the...

Linux Distros Unpatched Vulnerability : CVE-2025-6275

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in WebAssembly wabt up to 1.0.37. It has been declared as problematic. Affected by this vulnerability is the function GetFuncOffset of...

Linux Distros Unpatched Vulnerability : CVE-2017-7716

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The readu32leb128 function in libr/util/uleb128.c in radare2 1.3.0 allows remote attackers to cause a denial of service heap-based buffer over-read and...

Linux Distros Unpatched Vulnerability : CVE-2019-7153

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference was discovered in wasm::WasmBinaryBuilder::processFunctions in wasm/wasm- binary.cpp when calling...

Linux Distros Unpatched Vulnerability : CVE-2018-6116

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A nullptr dereference in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially perform out of bounds memory access via a...

Linux Distros Unpatched Vulnerability : CVE-2025-2368

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in WebAssembly wabt 1.0.36 and classified as critical. This issue affects the function wabt::interp::anonymous...

Path Traversal

github.com/traefik/traefik is vulnerable to path traversal. The vulnerability is due to improper validation of file paths in the WASM plugin installation mechanism, which allows an attacker to supply a malicious ZIP archive with ../ sequences to overwrite arbitrary files on the system...

Linux Distros Unpatched Vulnerability : CVE-2018-6061

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A race in the handling of SharedArrayBuffers in WebAssembly in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap...

Linux Distros Unpatched Vulnerability : CVE-2017-15413

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Type confusion in WebAssembly in V8 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML...

Linux Distros Unpatched Vulnerability : CVE-2018-6131

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Object lifecycle issue in WebAssembly in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML...

Linux Distros Unpatched Vulnerability : CVE-2018-6092

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer overflow on 32-bit systems in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbo...

Linux Distros Unpatched Vulnerability : CVE-2018-6087

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML...

Linux Distros Unpatched Vulnerability : CVE-2018-17458

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An improper update of the WebAssembly dispatch table in WebAssembly in Google Chrome prior to 69.0.3497.92 allowed a remote attacker to execute arbitrary code...

Linux Distros Unpatched Vulnerability : CVE-2017-15429

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in V8 WebAssembly JS bindings in Google Chrome prior to 63.0.3239.108 allowed a remote attacker to inject arbitrary scripts or HTML...

Linux Distros Unpatched Vulnerability : CVE-2021-38297

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is use...