Vulnerabilities > Bytecodealliance

DATE CVE VULNERABILITY TITLE RISK
2023-12-31 CVE-2023-52284 Double Free vulnerability in Bytecodealliance Webassembly Micro Runtime 1.2.3
Bytecode Alliance wasm-micro-runtime (aka WebAssembly Micro Runtime or WAMR) before 1.3.0 can have an "double free or corruption" error for a valid WebAssembly module because push_pop_frame_ref_offset is mishandled.
local
low complexity
bytecodealliance CWE-415
5.5
2023-11-22 CVE-2023-48105 Out-of-bounds Write vulnerability in Bytecodealliance Webassembly Micro Runtime 1.2.3
An heap overflow vulnerability was discovered in Bytecode alliance wasm-micro-runtime v.1.2.3 allows a remote attacker to cause a denial of service via the wasm_loader_prepare_bytecode function in core/iwasm/interpreter/wasm_loader.c.
network
low complexity
bytecodealliance CWE-787
7.5
2023-09-15 CVE-2023-41880 Off-by-one Error vulnerability in Bytecodealliance Wasmtime
Wasmtime is a standalone runtime for WebAssembly.
network
low complexity
bytecodealliance CWE-193
5.3
2023-04-27 CVE-2023-30624 Reliance on Undefined, Unspecified, or Implementation-Defined Behavior vulnerability in Bytecodealliance Wasmtime
Wasmtime is a standalone runtime for WebAssembly.
network
low complexity
bytecodealliance CWE-758
8.8
2023-03-08 CVE-2023-27477 Off-by-one Error vulnerability in Bytecodealliance Cranelift-Codegen and Wasmtime
wasmtime is a fast and secure runtime for WebAssembly.
network
low complexity
bytecodealliance CWE-193
4.3
2023-03-08 CVE-2023-26489 Out-of-bounds Write vulnerability in Bytecodealliance Cranelift-Codegen and Wasmtime
wasmtime is a fast and secure runtime for WebAssembly.
network
low complexity
bytecodealliance CWE-787
critical
9.9
2022-11-10 CVE-2022-39392 Out-of-bounds Write vulnerability in Bytecodealliance Wasmtime
Wasmtime is a standalone runtime for WebAssembly.
network
high complexity
bytecodealliance CWE-787
7.4
2022-11-10 CVE-2022-39393 Improper Cross-boundary Removal of Sensitive Data vulnerability in Bytecodealliance Wasmtime
Wasmtime is a standalone runtime for WebAssembly.
network
low complexity
bytecodealliance CWE-212
8.6
2022-11-10 CVE-2022-39394 Out-of-bounds Write vulnerability in Bytecodealliance Wasmtime
Wasmtime is a standalone runtime for WebAssembly.
network
low complexity
bytecodealliance CWE-787
critical
9.8
2022-06-28 CVE-2022-31104 Incorrect Calculation vulnerability in Bytecodealliance Cranelift-Codegen and Wasmtime
Wasmtime is a standalone runtime for WebAssembly.
6.8