Haruki3Hhh

**Name of the Vulnerable Software and Affected Versions** wasm3 version 139076a **Description** The issue is related to a Denial of Service (DoS) attack. This means an attacker could potentially cause the service to become unavailable by overwhelming it with traffic. **Recommendations** For wasm3 version 139076a, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** wasm3 version 139076a **Description** The issue is related to an Invalid Memory Read, which can lead to Denial of Service (DoS) and potentially allow for Code Execution. **Recommendations** For wasm3 version 139076a, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** wasm3 version 139076a **Description** The issue concerns memory leaks in the `Read utf8` function. This function is part of the wasm3 software, specifically at commit 139076a. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** For version 139076a, consider disabling the `Read utf8` function until a patch is available to prevent potential memory leaks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** wasm3 version 139076a **Description** The issue is a Use-After-Free in the ForEachModule function. This indicates a memory-related problem where memory is accessed after it has been freed, potentially leading to unexpected behavior or crashes. No information is provided about the estimated number of potentially affected devices worldwide or details about real-world incidents where this issue was exploited. **Recommendations** For version 139076a, consider disabling the ForEachModule function as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** wasm-micro-runtime (aka WebAssembly Micro Runtime or WAMR) version 06df58f **Description** The issue is related to a NULL Pointer Dereference in the function `block type get result types`. This indicates a problem where the code attempts to access memory through a null (or non-existent) pointer, which can lead to crashes or potentially allow an attacker to execute arbitrary code. No information is provided about the estimated number of potentially affected devices worldwide or details about real-world incidents where this issue was exploited. **Recommendations** For version 06df58f, as a temporary workaround, consider disabling the `block type get result types` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** wac version 385e1 **Description** A heap overflow vulnerability was discovered in the interpret function at /wac-asan/wa.c, allowing attackers to cause a Denial of Service (DoS) via a crafted wasm file. **Recommendations** For version 385e1, consider disabling the interpret function at /wac-asan/wa.c as a temporary workaround until a patch is available. Restrict access to crafted wasm files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** wac version 385e1 **Description** A heap overflow issue was discovered in the setup call function at /wac-asan/wa.c, allowing attackers to cause a Denial of Service (DoS) via a crafted wasm file. The issue is related to the `setup call` function. **Recommendations** For version 385e1, consider disabling the `setup call` function as a temporary workaround until a patch is available. Restrict access to the `/wac-asan/wa.c` file to minimize the risk of exploitation. Avoid using crafted wasm files until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** wac version 385e1 **Description** A heap overflow issue was discovered in the load module function at /wac-asan/wa.c, allowing attackers to cause a Denial of Service (DoS) via a crafted wasm file. The `load module` function is vulnerable, and attackers can exploit this issue by providing a specially crafted wasm file. **Recommendations** For version 385e1, consider disabling the `load module` function as a temporary workaround until a patch is available. Restrict access to the `/wac-asan/wa.c` file to minimize the risk of exploitation. Avoid using crafted wasm files with the affected `load module` function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** wac commit 385e1 **Description** A heap overflow was discovered in wac commit 385e1. **Recommendations** For wac commit 385e1, consider applying a patch or fix to address the heap overflow issue, however, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** vmir version e8117 **Description** A segmentation violation issue was discovered in vmir via the `wasm parse block` function at `/src/vmir wasm parser.c`. This issue occurs due to a problem in the `wasm parse block` function, which can cause a segmentation violation. **Recommendations** For vmir version e8117, as a temporary workaround, consider disabling the `wasm parse block` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** vmir version e8117 **Description** A heap buffer overflow issue was discovered in vmir via the `wasm call` function at `/src/vmir wasm parser.c`. This issue occurs due to a problem in the `wasm call` function, which can lead to a heap buffer overflow. **Recommendations** For version e8117, consider disabling the `wasm call` function as a temporary workaround until a patch is available. Restrict access to the `/src/vmir wasm parser.c` file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** vmir e8117 **Description** A heap buffer overflow issue was discovered in vmir e8117. This issue occurs through the `wasm parse section functions` function at `/src/vmir wasm parser.c`. **Recommendations** For vmir e8117, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** vmir version e8117 **Description** A segmentation violation was discovered in vmir via the `import function` function at `/src/vmir wasm parser.c`. **Recommendations** For vmir version e8117, consider disabling the `import function` function as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** vmir e8117 **Description** A segmentation violation issue was discovered in vmir via the `function prepare parse` function located at `/src/vmir function.c`. **Recommendations** For vmir e8117, as a temporary workaround, consider disabling the `function prepare parse` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** vmir version e8117 **Description** A stack overflow issue was discovered in the init local vars function at /src/vmir wasm parser.c. This issue affects the vmir software, allowing for potential exploitation. **Recommendations** For version e8117, consider disabling the init local vars function until a patch is available. Restrict access to the /src/vmir wasm parser.c module to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** vmir version e8117 **Description** A segmentation violation was discovered in the export function at /src/vmir wasm parser.c. This issue affects the export function, which is located in the /src/vmir wasm parser.c file. **Recommendations** For version e8117, consider disabling the export function until a patch is available to prevent potential exploitation of the segmentation violation.