229 matches found
PT-2026-31919
NASM’s disasm function contains a stack based buffer overflow when formatting disassembly output, allowing an attacker triggered out-of-bounds write when slen exceeds the buffer capacity...
capstone: Capstone: Heap buffer overflow via skipdata callback allows denial of service or arbitrary code execution.
A flaw was found in Capstone, a disassembly framework. A local attacker could exploit a heap buffer overflow vulnerability by providing a specially crafted skipdata callback. This flaw occurs because the skipdata length is not properly bounds-checked, which may allow an attacker to write beyond...
capstone: Capstone: Heap buffer overflow via skipdata callback allows denial of service or arbitrary code execution.
A flaw was found in Capstone, a disassembly framework. A local attacker could exploit a heap buffer overflow vulnerability by providing a specially crafted skipdata callback. This flaw occurs because the skipdata length is not properly bounds-checked, which may allow an attacker to write beyond...
capstone: Capstone: Heap buffer overflow via skipdata callback allows denial of service or arbitrary code execution.
A flaw was found in Capstone, a disassembly framework. A local attacker could exploit a heap buffer overflow vulnerability by providing a specially crafted skipdata callback. This flaw occurs because the skipdata length is not properly bounds-checked, which may allow an attacker to write beyond...
capstone: Capstone: Heap buffer overflow via skipdata callback allows denial of service or arbitrary code execution.
A flaw was found in Capstone, a disassembly framework. A local attacker could exploit a heap buffer overflow vulnerability by providing a specially crafted skipdata callback. This flaw occurs because the skipdata length is not properly bounds-checked, which may allow an attacker to write beyond...
capstone: Capstone: Heap buffer overflow via skipdata callback allows denial of service or arbitrary code execution.
A flaw was found in Capstone, a disassembly framework. A local attacker could exploit a heap buffer overflow vulnerability by providing a specially crafted skipdata callback. This flaw occurs because the skipdata length is not properly bounds-checked, which may allow an attacker to write beyond...
Important: Red Hat Security Advisory: capstone security update
An update for capstone is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
capstone: Capstone: Memory corruption via unchecked vsnprintf return
A flaw was found in Capstone, a disassembly framework. An unchecked return value from vsnprintf within the SStreamconcat function allows a malicious input to manipulate the internal stream index. This can lead to a stack buffer underflow or overflow, potentially enabling a local attacker to achie...
TencentOS Server 4: capstone (TSSA-2026:0098)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0098 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
OSV-2026-246 Use-of-uninitialized-value in printAddressingMode
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=484248078 Crash type: Use-of-uninitialized-value Crash state: printAddressingMode M68KprintInst csdisasm...
Medium: capstone
Issue Overview: Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds-checked, so a user-provided skipdata callback can make csdisasm/csdisasmiter memcpy more than 24 bytes into csinsn.bytes, causing a heap buffer overflow in the disassembly path...
Amazon Linux 2023 : capstone, capstone-devel, capstone-java (ALAS2023-2026-1372)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1372 advisory. Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds- checked, so a user-provided skipdata callback can make csdisasm/csdisasmiter memcpy more than 24...
Amazon Linux 2 : capstone, --advisory ALAS2-2026-3133 (ALAS-2026-3133)
The version of capstone installed on the remote host is prior to 3.0.5-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3133 advisory. Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds- checked, so a user-provide...
CVE-2020-24133
A heap buffer overflow vulnerability in the rasmswfdisass function of Radare2-extras before commit e74a93c allows attackers to execute arbitrary code or carry out denial of service DOS attacks...
Application-Specific Power Side-Channel Attacks and Countermeasures: A Survey
Side-channel attacks try to extract secret information from a system by analyzing different side-channel signatures, such as power consumption, electromagnetic emanation, thermal dissipation, acoustics, time, etc. Power-based side-channel attack is one of the most prominent side-channel attacks i...
CVE-2025-67873
Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds-checked, so a user-provided skipdata callback can make csdisasm/csdisasmiter memcpy more than 24 bytes into csinsn.bytes, causing a heap buffer overflow in the disassembly path. Commit...
CVE-2025-68114
Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, an unchecked vsnprintf return in SStreamconcat lets a malicious csoptmem.vsnprintf drive SStream’s index negative or past the end, leading to a stack buffer underflow/overflow when the next write occurs. Commit...
SUSE CVE-2025-67873
Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds-checked, so a user-provided skipdata callback can make csdisasm/csdisasmiter memcpy more than 24 bytes into csinsn.bytes, causing a heap buffer overflow in the disassembly path. Commit...
Linux Distros Unpatched Vulnerability : CVE-2025-67873
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds- checked, so a user-provided skipdata callback can make...
CVE-2025-68114
Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, an unchecked vsnprintf return in SStreamconcat lets a malicious csoptmem.vsnprintf drive SStream’s index negative or past the end, leading to a stack buffer underflow/overflow when the next write occurs. Commit...