Vulnerabilities > Webassembly Virtual Machine Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-09-21 | CVE-2018-17293 | NULL Pointer Dereference vulnerability in Webassembly Virtual Machine Project Webassembly Virtual Machine An issue was discovered in WAVM before 2018-09-16. | 8.8 |
2018-09-21 | CVE-2018-17292 | Out-of-bounds Read vulnerability in Webassembly Virtual Machine Project Webassembly Virtual Machine An issue was discovered in WAVM before 2018-09-16. | 6.5 |
2018-09-10 | CVE-2018-16770 | Unspecified vulnerability in Webassembly Virtual Machine Project Webassembly Virtual Machine In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because a certain new_allocator allocate call fails. | 8.8 |
2018-09-10 | CVE-2018-16769 | Unspecified vulnerability in Webassembly Virtual Machine Project Webassembly Virtual Machine In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because libRuntime.so!llvm::InstructionCombiningPass::runOnFunction is mishandled. | 8.8 |
2018-09-10 | CVE-2018-16768 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Webassembly Virtual Machine Project Webassembly Virtual Machine In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in IR::FunctionValidationContext::end. | 8.8 |
2018-09-10 | CVE-2018-16767 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Webassembly Virtual Machine Project Webassembly Virtual Machine In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in FunctionValidationContext::popAndValidateOperand. | 8.8 |
2018-09-10 | CVE-2018-16766 | Always-Incorrect Control Flow Implementation vulnerability in Webassembly Virtual Machine Project Webassembly Virtual Machine In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because Errors::unreachable() is reached. | 8.8 |
2018-09-10 | CVE-2018-16765 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Webassembly Virtual Machine Project Webassembly Virtual Machine In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in FunctionValidationContext::else_. | 8.8 |
2018-09-10 | CVE-2018-16764 | Out-of-bounds Read vulnerability in Webassembly Virtual Machine Project Webassembly Virtual Machine In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an IR::FunctionValidationContext::catch_all heap-based buffer over-read. | 8.8 |