Lucene search
K

2106 matches found

The Hacker News
The Hacker News
added 2024/10/24 9:53 a.m.37 views

Lazarus Group Exploits Google Chrome Vulnerability to Control Infected Devices

The North Korean threat actor known as Lazarus Group has been attributed to the zero-day exploitation of a now-patched security flaw in Google Chrome to seize control of infected devices. Cybersecurity vendor Kaspersky said it made the discovery after it came across a novel attack chain in May 20...

9.6CVSS9.2AI score0.15111EPSS
Exploits2
Talos
Talos
added 2024/10/23 12:0 a.m.17 views

NVIDIA D3D10 Driver Shader Functionality MOV instruction out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2024-2015 NVIDIA D3D10 Driver Shader Functionality MOV instruction out-of-bounds read vulnerability October 23, 2024 CVE Number CVE-2024-0119 SUMMARY An out-of-bounds read vulnerability exists in the Shader Functionality functionality of NVIDIA D3D10 Driver 555.99...

7.8CVSS6.9AI score0.00415EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2024/10/15 3:7 a.m.2 views

SUSE CVE-2024-9859

Type confusion in WebAssembly in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.6AI score0.00424EPSS
Exploits0References3
OSV
OSV
added 2024/10/11 5:15 p.m.10 views

CVE-2024-9859

Type confusion in WebAssembly in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score
Exploits0References1
NVD
NVD
added 2024/10/11 5:15 p.m.15 views

CVE-2024-9859

Type confusion in WebAssembly in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.00424EPSS
Exploits0References1
OSV
OSV
added 2024/10/11 5:15 p.m.1 views

DEBIAN-CVE-2024-9859

Type confusion in WebAssembly in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS8.6AI score0.00424EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/11 4:32 p.m.20 views

CVE-2024-9859

Type confusion in WebAssembly in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

0.00424EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/11 4:32 p.m.8 views

CVE-2024-9859

Type confusion in WebAssembly in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

7.2AI score0.00424EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2024/10/11 4:32 p.m.16 views

CVE-2024-9859

Type confusion in WebAssembly in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS8.6AI score0.00424EPSS
Exploits0
OSV
OSV
added 2024/10/09 7:14 p.m.12 views

GHSA-7QMX-3FPX-R45M Wasmtime race condition could lead to WebAssembly control-flow integrity and type safety violations

Impact Under certain concurrent event orderings, a wasmtime::Engine's internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type registry corruption. That registry corruption could, following an additional and particular...

2.9CVSS3.7AI score0.00152EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2024/10/09 7:14 p.m.18 views

Wasmtime race condition could lead to WebAssembly control-flow integrity and type safety violations

Impact Under certain concurrent event orderings, a wasmtime::Engine's internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type registry corruption. That registry corruption could, following an additional and particular...

2.9CVSS3.7AI score0.00152EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2024/10/09 7:14 p.m.5 views

GHSA-Q8HX-MM92-4WVG wasmtime has a runtime crash when combining tail calls with trapping imports

Impact Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash in certain WebAssembly modules. The runtime crash may be undefined behavior if Wasmtime was compiled with Rust 1.80 or prior. The runtime crash is a deterministic process abort when...

6.8CVSS5.4AI score0.00244EPSS
Exploits0References12
Github Security Blog
Github Security Blog
added 2024/10/09 7:14 p.m.19 views

wasmtime has a runtime crash when combining tail calls with trapping imports

Impact Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash in certain WebAssembly modules. The runtime crash may be undefined behavior if Wasmtime was compiled with Rust 1.80 or prior. The runtime crash is a deterministic process abort when...

5.5CVSS5.4AI score0.00244EPSS
Exploits0References12Affected Software1
RedhatCVE
RedhatCVE
added 2024/10/09 6:56 p.m.13 views

CVE-2024-47763

Wasmtime is an open source runtime for WebAssembly. Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash in certain WebAssembly modules. The runtime crash may be undefined behavior if Wasmtime was compiled with Rust 1.80 or prior. The runtim...

5.5CVSS7AI score0.00244EPSS
Exploits0References1
NVD
NVD
added 2024/10/09 6:15 p.m.21 views

CVE-2024-47813

Wasmtime is an open source runtime for WebAssembly. Under certain concurrent event orderings, a wasmtime::Engine's internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type registry corruption. That registry corruption...

2.9CVSS0.00152EPSS
Exploits0References2
NVD
NVD
added 2024/10/09 6:15 p.m.20 views

CVE-2024-47763

Wasmtime is an open source runtime for WebAssembly. Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash in certain WebAssembly modules. The runtime crash may be undefined behavior if Wasmtime was compiled with Rust 1.80 or prior. The runtim...

5.5CVSS0.00244EPSS
Exploits0References6
OSV
OSV
added 2024/10/09 6:15 p.m.7 views

PYSEC-2024-312

Wasmtime is an open source runtime for WebAssembly. Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash in certain WebAssembly modules. The runtime crash may be undefined behavior if Wasmtime was compiled with Rust 1.80 or prior. The runtim...

5.5CVSS5.8AI score0.00244EPSS
Exploits0References6
OSV
OSV
added 2024/10/09 6:15 p.m.3 views

UBUNTU-CVE-2024-47813

Wasmtime is an open source runtime for WebAssembly. Under certain concurrent event orderings, a wasmtime::Engine's internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type registry corruption. That registry corruption...

2.9CVSS5.8AI score0.00152EPSS
Exploits0References4
OSV
OSV
added 2024/10/09 6:15 p.m.2 views

UBUNTU-CVE-2024-47763

Wasmtime is an open source runtime for WebAssembly. Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash in certain WebAssembly modules. The runtime crash may be undefined behavior if Wasmtime was compiled with Rust 1.80 or prior. The runtim...

5.5CVSS5.8AI score0.00244EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2024/10/09 6:7 p.m.22 views

CVE-2024-47813 Wasmtime race condition could lead to WebAssembly control-flow integrity and type safety violations

Wasmtime is an open source runtime for WebAssembly. Under certain concurrent event orderings, a wasmtime::Engine's internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type registry corruption. That registry corruption...

2.9CVSS6.8AI score0.00152EPSS
Exploits0References2
Rows per page
Query Builder