Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webassembly virtual machine project webassembly virtual machine vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2018-16764
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an IR::FunctionValidationContext::catch_all heap-based buffer over-read.
Webassembly Virtual Machine Project Webassembly Virtual Machine
6.8
CVSSv2
CVE-2018-16766
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because Errors::unreachable() is reached.
Webassembly Virtual Machine Project Webassembly Virtual Machine
6.8
CVSSv2
CVE-2018-16765
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in FunctionValidationContext::else_.
Webassembly Virtual Machine Project Webassembly Virtual Machine
6.8
CVSSv2
CVE-2018-16767
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in FunctionValidationContext::popAnd...
Webassembly Virtual Machine Project Webassembly Virtual Machine
6.8
CVSSv2
CVE-2018-16768
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in IR::FunctionValidationContext::en...
Webassembly Virtual Machine Project Webassembly Virtual Machine
6.8
CVSSv2
CVE-2018-16769
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because libRuntime.so!llvm::InstructionCombiningPass::runOnFunction is mishandled.
Webassembly Virtual Machine Project Webassembly Virtual Machine
6.8
CVSSv2
CVE-2018-16770
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because a certain new_allocator allocate call fails.
Webassembly Virtual Machine Project Webassembly Virtual Machine
4.3
CVSSv2
CVE-2018-17292
An issue exists in WAVM prior to 2018-09-16. The loadModule function in Include/Inline/CLI.h lacks checking of the file length before a file magic comparison, allowing malicious users to cause a Denial of Service (application crash caused by out-of-bounds read) by crafting a file...
Webassembly Virtual Machine Project Webassembly Virtual Machine
6.8
CVSSv2
CVE-2018-17293
An issue exists in WAVM prior to 2018-09-16. The run function in Programs/wavm/wavm.cpp does not check whether there is Emscripten memory to store the command-line arguments passed by the input WebAssembly file's main function, which allows malicious users to cause a denial ...
Webassembly Virtual Machine Project Webassembly Virtual Machine
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started