Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
WasmEdge is a WebAssembly runtime. Prior to version 0.16.0-alpha.3, a multiplication in `WasmEdge/include/runtime/instance/memory.h` can wrap, causing `checkAccessBound()` to incorrectly allow the acc
A vulnerability has been found in wasm3 up to 0.5.0. The affected element is the function NewCodePage. The manipulation leads to memory leak. The attack must be carried out locally. The exploit has be
Maliciously crafted export names in an imported WebAssembly module can inject JavaScript code. The injected code may be able to access data and functions that the WebAssembly module itself does not ha
A vulnerability has been found in wasm3 0.5.0 and classified as problematic. This vulnerability affects the function MarkSlotAllocated of the file source/m3_compile.c. The manipulation leads to out-of
CVE-2025-8028
CRITICAL CVSS 9.8
Find Similar
On arm64, a WASM `br_table` instruction with a lot of entries could lead to the label being too far from the instruction causing truncation and incorrect computation of the branch address. This vulner
CVE-2026-2796
CRITICAL CVSS 9.8
Find Similar
JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.
JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 152 and Thunderbird 152.
On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them to be treated as a different type. This vulnerability was fixe
Invalid pointer in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
A vulnerability was identified in NASM Netwide Assember 2.17rc0. This issue affects the function assemble_file of the file nasm.c. The manipulation leads to stack-based buffer overflow. It is possible
A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. Affected is the function Assimp::MD2Importer::InternReadFile in the library code/AssetLib/MD2/MD
A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function Assimp::MDLImporter::ParseTextureColorData of the file code/Asset
A vulnerability has been found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This vulnerability affects the function Assimp::CSMImporter::InternReadFile of the file code/Ass
A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. Affected by this issue is the function Assimp::LWO::AnimResolver::UpdateAnimRangeSetup of t
A vulnerability was detected in wasm3 up to 0.5.0. Impacted is the function op_SetSlot_i32/op_CallIndirect of the file m3_exec.h. Performing a manipulation results in memory corruption. The attack nee
A bug in WebAssembly code generation could have lead to a crash. It may have been possible for an attacker to leverage this to achieve code execution. This vulnerability was fixed in Firefox 135, Fire
A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1.
An issue was discovered in MBed OS 6.16.0. During processing of HCI packets, the software dynamically determines the length of the packet data by reading 2 bytes from the packet header. A buffer is th