We discovered a Heap Buffer Overflow vulnerability in wasm-opt. The crash occurs within the WasmBinaryReader::readExpression function when parsing a malformed WebAssembly binary. The issue appears to ...
Abstract: Automatic exploit generation (AEG) is widely recognized as one of the most effective methods for assessing the risk level of vulnerabilities. To exploit heap-related vulnerabilities, it is ...
This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). Attack vector: More severe the more the remote (logically and ...
High-severity flaws were patched in Chrome’s WebGPU and Video components, and in Firefox’s Graphics and JavaScript Engine components. Google promoted Chrome 141 to the stable channel with 21 security ...
Microsoft has just told Windows users to ditch Chrome to “browse securely” with Edge. And now Google warns that Chrome is under attack, issuing an emergency update and a recommendation to upgrade all ...
Misconfigured Docker API instances have become the target of a new malware campaign that transforms them into a cryptocurrency mining botnet. The attacks, designed to mine for Dero currency, are ...
Pwn2Own, the annual computer hacking contest, recently concluded at the OffensiveCon conference in Berlin, Germany, which was held between May 15 and May 17, 2025. The event, organized by Trend ...
The cyber security team at Broadcom has acknowledged that during the Pwn2Own hacking contest in Berlin in March, there were three successful attacks on the VMware hypervisor. On 16 March, Nguyen Hoang ...
A likely China-nexus cyber-espionage group is actively exploiting a vulnerability in certain versions of Ivanti's Connect Secure, Policy Secure, and ZTA gateway products to drop two dangerous new ...
Broadcom has patched three vulnerabilities in the VMware ESXi hypervisor and related products, with Microsoft reporting the flaws are being actively exploited to take control of host systems. Broadcom ...
Bottom line: The US Cybersecurity and Infrastructure Security Agency is once again reminding IT manufacturers and developers that buffer overflow vulnerabilities must be eradicated from software. In ...