Lucene search
K

229 matches found

Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.5 views

PT-2026-31919

NASM’s disasm function contains a stack based buffer overflow when formatting disassembly output, allowing an attacker triggered out-of-bounds write when slen exceeds the buffer capacity...

6AI score0.00443EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2026/03/23 2:35 a.m.1 views

capstone: Capstone: Heap buffer overflow via skipdata callback allows denial of service or arbitrary code execution.

A flaw was found in Capstone, a disassembly framework. A local attacker could exploit a heap buffer overflow vulnerability by providing a specially crafted skipdata callback. This flaw occurs because the skipdata length is not properly bounds-checked, which may allow an attacker to write beyond...

7.8CVSS7.7AI score0.00191EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/03/19 11:51 p.m.4 views

capstone: Capstone: Heap buffer overflow via skipdata callback allows denial of service or arbitrary code execution.

A flaw was found in Capstone, a disassembly framework. A local attacker could exploit a heap buffer overflow vulnerability by providing a specially crafted skipdata callback. This flaw occurs because the skipdata length is not properly bounds-checked, which may allow an attacker to write beyond...

7.8CVSS6.2AI score0.00191EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/03/19 9:35 p.m.14 views

capstone: Capstone: Heap buffer overflow via skipdata callback allows denial of service or arbitrary code execution.

A flaw was found in Capstone, a disassembly framework. A local attacker could exploit a heap buffer overflow vulnerability by providing a specially crafted skipdata callback. This flaw occurs because the skipdata length is not properly bounds-checked, which may allow an attacker to write beyond...

7.8CVSS7.7AI score0.00191EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/03/19 9:14 p.m.4 views

capstone: Capstone: Heap buffer overflow via skipdata callback allows denial of service or arbitrary code execution.

A flaw was found in Capstone, a disassembly framework. A local attacker could exploit a heap buffer overflow vulnerability by providing a specially crafted skipdata callback. This flaw occurs because the skipdata length is not properly bounds-checked, which may allow an attacker to write beyond...

7.8CVSS6.2AI score0.00191EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/03/18 10:4 a.m.5 views

capstone: Capstone: Heap buffer overflow via skipdata callback allows denial of service or arbitrary code execution.

A flaw was found in Capstone, a disassembly framework. A local attacker could exploit a heap buffer overflow vulnerability by providing a specially crafted skipdata callback. This flaw occurs because the skipdata length is not properly bounds-checked, which may allow an attacker to write beyond...

7.8CVSS7.7AI score0.00191EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/03/18 10:4 a.m.6 views

Important: Red Hat Security Advisory: capstone security update

An update for capstone is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

9.8CVSS7.8AI score0.00191EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2026/03/18 10:4 a.m.4 views

capstone: Capstone: Memory corruption via unchecked vsnprintf return

A flaw was found in Capstone, a disassembly framework. An unchecked return value from vsnprintf within the SStreamconcat function allows a malicious input to manipulate the internal stream index. This can lead to a stack buffer underflow or overflow, potentially enabling a local attacker to achie...

9.8CVSS7.4AI score0.00163EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/03/05 12:0 a.m.6 views

TencentOS Server 4: capstone (TSSA-2026:0098)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0098 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

9.8CVSS6.2AI score0.00191EPSS
Exploits1References3
OSV
OSV
added 2026/02/15 12:9 a.m.7 views

OSV-2026-246 Use-of-uninitialized-value in printAddressingMode

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=484248078 Crash type: Use-of-uninitialized-value Crash state: printAddressingMode M68KprintInst csdisasm...

5.8AI score
Exploits0References1
Amazon
Amazon
added 2026/02/05 12:0 a.m.9 views

Medium: capstone

Issue Overview: Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds-checked, so a user-provided skipdata callback can make csdisasm/csdisasmiter memcpy more than 24 bytes into csinsn.bytes, causing a heap buffer overflow in the disassembly path...

7.8CVSS5.8AI score0.00191EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.5 views

Amazon Linux 2023 : capstone, capstone-devel, capstone-java (ALAS2023-2026-1372)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1372 advisory. Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds- checked, so a user-provided skipdata callback can make csdisasm/csdisasmiter memcpy more than 24...

7.8CVSS5.7AI score0.00191EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.5 views

Amazon Linux 2 : capstone, --advisory ALAS2-2026-3133 (ALAS-2026-3133)

The version of capstone installed on the remote host is prior to 3.0.5-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3133 advisory. Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds- checked, so a user-provide...

7.8CVSS5.8AI score0.00191EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/01/09 9:49 a.m.5 views

CVE-2020-24133

A heap buffer overflow vulnerability in the rasmswfdisass function of Radare2-extras before commit e74a93c allows attackers to execute arbitrary code or carry out denial of service DOS attacks...

9.8CVSS8.1AI score0.02626EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/12/29 12:0 a.m.4 views

Application-Specific Power Side-Channel Attacks and Countermeasures: A Survey

Side-channel attacks try to extract secret information from a system by analyzing different side-channel signatures, such as power consumption, electromagnetic emanation, thermal dissipation, acoustics, time, etc. Power-based side-channel attack is one of the most prominent side-channel attacks i...

6.6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/12/23 9:29 p.m.4 views

CVE-2025-67873

Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds-checked, so a user-provided skipdata callback can make csdisasm/csdisasmiter memcpy more than 24 bytes into csinsn.bytes, causing a heap buffer overflow in the disassembly path. Commit...

7.8CVSS7.4AI score0.00191EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/12/23 9:29 p.m.4 views

CVE-2025-68114

Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, an unchecked vsnprintf return in SStreamconcat lets a malicious csoptmem.vsnprintf drive SStream’s index negative or past the end, leading to a stack buffer underflow/overflow when the next write occurs. Commit...

9.8CVSS7.1AI score0.00163EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2025/12/19 12:26 a.m.5 views

SUSE CVE-2025-67873

Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds-checked, so a user-provided skipdata callback can make csdisasm/csdisasmiter memcpy more than 24 bytes into csinsn.bytes, causing a heap buffer overflow in the disassembly path. Commit...

4.8CVSS7.4AI score0.00191EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2025/12/18 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-67873

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds- checked, so a user-provided skipdata callback can make...

7.8CVSS6.8AI score0.00191EPSS
Exploits1References3
NVD
NVD
added 2025/12/17 10:16 p.m.10 views

CVE-2025-68114

Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, an unchecked vsnprintf return in SStreamconcat lets a malicious csoptmem.vsnprintf drive SStream’s index negative or past the end, leading to a stack buffer underflow/overflow when the next write occurs. Commit...

9.8CVSS0.00163EPSS
Exploits0References2
Rows per page
Query Builder