Webassembly Virtual Machine Project

Webassembly Virtual Machine

9 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2018-17292

Exploit
  • EPSS 0.29%
  • Veröffentlicht 21.09.2018 07:29:00
  • Zuletzt bearbeitet 21.11.2024 03:54:11

An issue was discovered in WAVM before 2018-09-16. The loadModule function in Include/Inline/CLI.h lacks checking of the file length before a file magic comparison, allowing attackers to cause a Denial of Service (application crash caused by out-of-b...

8.8

CVE-2018-17293

Exploit
  • EPSS 0.32%
  • Veröffentlicht 21.09.2018 07:29:00
  • Zuletzt bearbeitet 21.11.2024 03:54:11

An issue was discovered in WAVM before 2018-09-16. The run function in Programs/wavm/wavm.cpp does not check whether there is Emscripten memory to store the command-line arguments passed by the input WebAssembly file's main function, which allows att...

8.8

CVE-2018-16768

Exploit
  • EPSS 0.31%
  • Veröffentlicht 10.09.2018 04:29:01
  • Zuletzt bearbeitet 21.11.2024 03:53:18

In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in IR::FunctionV...

8.8

CVE-2018-16769

Exploit
  • EPSS 0.31%
  • Veröffentlicht 10.09.2018 04:29:01
  • Zuletzt bearbeitet 21.11.2024 03:53:19

In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because libRuntime.so!llvm::InstructionCombiningPass::runOnFunction is mish...

8.8

CVE-2018-16770

Exploit
  • EPSS 0.31%
  • Veröffentlicht 10.09.2018 04:29:01
  • Zuletzt bearbeitet 21.11.2024 03:53:19

In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because a certain new_allocator allocate call fails.

8.8

CVE-2018-16764

Exploit
  • EPSS 0.31%
  • Veröffentlicht 10.09.2018 04:29:00
  • Zuletzt bearbeitet 21.11.2024 03:53:18

In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an IR::FunctionValidationContext::catch_all heap-based buffer ov...

8.8

CVE-2018-16765

Exploit
  • EPSS 0.31%
  • Veröffentlicht 10.09.2018 04:29:00
  • Zuletzt bearbeitet 21.11.2024 03:53:18

In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in FunctionValid...

8.8

CVE-2018-16766

Exploit
  • EPSS 0.31%
  • Veröffentlicht 10.09.2018 04:29:00
  • Zuletzt bearbeitet 21.11.2024 03:53:18

In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because Errors::unreachable() is reached.

8.8

CVE-2018-16767

Exploit
  • EPSS 0.31%
  • Veröffentlicht 10.09.2018 04:29:00
  • Zuletzt bearbeitet 21.11.2024 03:53:18

In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in FunctionValid...