2103 matches found
UBUNTU-CVE-2025-2368
A vulnerability was found in WebAssembly wabt 1.0.36 and classified as critical. This issue affects the function wabt::interp::anonymous namespace::BinaryReaderInterp::OnExport of the file wabt/src/interp/binary-reader-interp.cc of the component Malformed File Handler. The manipulation leads to...
CVE-2025-2368 WebAssembly wabt Malformed File binary-reader-interp.cc OnExport heap-based overflow
A vulnerability was found in WebAssembly wabt 1.0.36 and classified as critical. This issue affects the function wabt::interp::anonymous namespace::BinaryReaderInterp::OnExport of the file wabt/src/interp/binary-reader-interp.cc of the component Malformed File Handler. The manipulation leads to...
CVE-2025-2368
The CVE-2025-2368 entry concerns WebAssembly wabt 1.0.36. The vulnerability occurs in wabt/src/interp/binary-reader-interp.cc, in the BinaryReaderInterp::OnExport function, within the Malformed File Handler component, causing a heap-based buffer overflow. The issue is described as remotely exploi...
CVE-2025-2368 WebAssembly wabt Malformed File binary-reader-interp.cc OnExport heap-based overflow
A vulnerability was found in WebAssembly wabt 1.0.36 and classified as critical. This issue affects the function wabt::interp::anonymous namespace::BinaryReaderInterp::OnExport of the file wabt/src/interp/binary-reader-interp.cc of the component Malformed File Handler. The manipulation leads to...
CVE-2025-2368
A vulnerability was found in WebAssembly wabt 1.0.36 and classified as critical. This issue affects the function wabt::interp::anonymous namespace::BinaryReaderInterp::OnExport of the file wabt/src/interp/binary-reader-interp.cc of the component Malformed File Handler. The manipulation leads to...
PT-2025-11458
Name of the Vulnerable Software and Affected Versions WebAssembly wabt version 1.0.36 Description A critical issue affects the function wabt::interp::anonymous namespace::BinaryReaderInterp::OnExport of the component Malformed File Handler, leading to a heap-based buffer overflow. The attack may ...
WABT 安全漏洞
WABT is a WebAssembly binary toolkit open-sourced by WebAssembly. A security vulnerability exists in WABT version 1.0.36, which stems from a heap buffer overflow that could allow a remote attacker to execute arbitrary code...
The vulnerability of the `block_type_get_arity` function in the `core/iwasm/interpreter/wasm.h` file in the execution environment for WebAssembly applications, such as WebAssembly Micro Runtime (WAMR), allows a malicious actor to cause a service failure.
The vulnerability of the blocktypegetarity function in the core/iwasm/interpreter/wasm.h file, within the WebAssembly environment for WebAssembly Micro Runtime applications WAMR, involves reading beyond the permitted range of memory. Exploiting this vulnerability could allow a malicious actor to...
CVE-2025-29776
Azle is a WebAssembly runtime for TypeScript and JavaScript on ICP. Calling setTimer in Azle versions 0.27.0, 0.28.0, and 0.29.0 causes an immediate infinite loop of timers to be executed on the canister, each timer attempting to clean up the global state of the previous timer. The infinite loop...
CVE-2025-29776 Azle calling `setTimer` causes infinite loop of timers
Azle is a WebAssembly runtime for TypeScript and JavaScript on ICP. Calling setTimer in Azle versions 0.27.0, 0.28.0, and 0.29.0 causes an immediate infinite loop of timers to be executed on the canister, each timer attempting to clean up the global state of the previous timer. The infinite loop...
Azle 安全漏洞
Azle is a WebAssembly runtime for TypeScript and JavaScript on ICP open-sourced by Demergent. A security vulnerability exists in Azle versions 0.27.0, 0.28.0, and 0.29.0 that stems from a call to setTimer that may result in an infinite loop...
firefox: JIT corruption of WASM i32 return values on 64-bit CPUs
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them to be treated as a different type...
firefox: JIT corruption of WASM i32 return values on 64-bit CPUs
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them to be treated as a different type...
firefox: JIT corruption of WASM i32 return values on 64-bit CPUs
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them to be treated as a different type...
firefox: JIT corruption of WASM i32 return values on 64-bit CPUs
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them to be treated as a different type...
firefox: JIT corruption of WASM i32 return values on 64-bit CPUs
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them to be treated as a different type...
firefox: JIT corruption of WASM i32 return values on 64-bit CPUs
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them to be treated as a different type...
firefox: JIT corruption of WASM i32 return values on 64-bit CPUs
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them to be treated as a different type...
Linux Distros Unpatched Vulnerability : CVE-2025-1011
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A bug in WebAssembly code generation could have lead to a crash. It may have been possible for an attacker to leverage this to achieve code execution. This...
SUSE CVE-2025-1933
On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them to be treated as a different type. This vulnerability was fixed in Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...