Lucene search
K

135 matches found

Snyk
Snyk
added 2022/01/13 3:45 a.m.1 views

Uncaught Exception

Overview std/debug/macho is a Go standard library package std/debug/macho Affected versions of this package are vulnerable to Uncaught Exception. Go Vulnerability Report: Calling File.ImportedSymbols on a loaded file which contains an invalid dynamic symbol table command can cause a panic, in...

8.7CVSS7AI score0.04372EPSS
Exploits0References3
OSV
OSV
added 2021/11/26 11:3 a.m.3 views

OESA-2021-1443 golang security update

The Go Programming Language. Security Fixes: ImportedSymbols in debug/macho for Open or OpenFat in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation.CVE-2021-41771...

7.5CVSS7AI score0.04372EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2021/11/11 8:0 a.m.4 views

ImportedSymbols in debug/macho (for Open or OpenFat) in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer aka an out-of-bounds slice situation.

...

7.5CVSS6.9AI score0.04372EPSS
Exploits0
NVD
NVD
added 2021/11/08 6:15 a.m.32 views

CVE-2021-41771

ImportedSymbols in debug/macho for Open or OpenFat in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation...

7.5CVSS0.04372EPSS
Exploits0References10
OSV
OSV
added 2021/11/08 6:15 a.m.2 views

DEBIAN-CVE-2021-41771

ImportedSymbols in debug/macho for Open or OpenFat in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation...

7.5CVSS8.6AI score0.04372EPSS
Exploits0References1
OSV
OSV
added 2021/11/08 6:15 a.m.5 views

AZL-79102 CVE-2021-41771 affecting package golang 1.25.7-1

ImportedSymbols in debug/macho for Open or OpenFat in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation...

7.5CVSS6.7AI score0.04372EPSS
Exploits0References1
OSV
OSV
added 2021/11/08 6:15 a.m.7 views

AZL-6451 CVE-2021-41771 affecting package golang for versions less than 1.17.8-1

ImportedSymbols in debug/macho for Open or OpenFat in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation...

7.5CVSS6.7AI score0.04372EPSS
Exploits0References1
Prion
Prion
added 2021/11/08 6:15 a.m.24 views

Design/Logic Flaw

ImportedSymbols in debug/macho for Open or OpenFat in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation...

5CVSS7.4AI score0.04372EPSS
Exploits0References10Affected Software3
OSV
OSV
added 2021/11/08 6:15 a.m.3 views

UBUNTU-CVE-2021-41771

ImportedSymbols in debug/macho for Open or OpenFat in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation...

7.5CVSS6.7AI score0.04372EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2021/11/08 12:0 a.m.33 views

CVE-2021-41771

ImportedSymbols in debug/macho for Open or OpenFat in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation...

7.5CVSS8.6AI score0.04372EPSS
Exploits0
CNNVD
CNNVD
added 2021/11/08 12:0 a.m.4 views

Google Go 缓冲区错误漏洞

Google Go is a statically strongly-typed, compiled, concurrently-typed, and garbage collected programming language from the U.S. company Google Google. A security vulnerability exists in ImportedSymbols, which stems from importing symbols for Open or OpenFat in Go's debug macho and accessing memo...

7.5CVSS8.1AI score0.04372EPSS
Exploits0References21
UbuntuCve
UbuntuCve
added 2021/11/08 12:0 a.m.55 views

CVE-2021-41771

ImportedSymbols in debug/macho for Open or OpenFat in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation...

7.5CVSS6.8AI score0.04372EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2021/11/08 12:0 a.m.58 views

CVE-2021-41771

ImportedSymbols in debug/macho for Open or OpenFat in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation...

7.5CVSS7.8AI score0.04372EPSS
Exploits0
CVE
CVE
added 2021/11/08 12:0 a.m.321 views

CVE-2021-41771

CVE-2021-41771 is an out-of-bounds read in the Go standard library, specifically ImportedSymbols in debug/macho when parsing malformed binaries with Open/OpenFat. This can cause a panic or denial of service by reading beyond a buffer. Technical details in connected advisories confirm the issue af...

7.5CVSS7.5AI score0.04372EPSS
Exploits0References10Affected Software1
RedhatCVE
RedhatCVE
added 2021/11/05 6:27 p.m.48 views

CVE-2021-41771

An out of bounds read vulnerability was found in debug/macho of the Go standard library. When using the debug/macho standard library stdlib and malformed binaries are parsed using Open or OpenFat, it can cause golang to attempt to read outside of a slice array causing a panic when calling...

7.5CVSS7.3AI score0.04372EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2021/11/04 12:0 a.m.33 views

go -- multiple vulnerabilities

The Go project reports: debug/macho fails out when loading a file that contains a dynamic symbol table command that indicates a larger number of symbols than exist in the loaded symbol table. Previously, opening a zip with Reader.Open could result in a panic if the zip contained a file whose name...

7.8AI score
Exploits0References2
Kitploit
Kitploit
added 2021/06/30 12:30 p.m.48 views

Forblaze - A Python Mac Steganography Payload Generator

Forblaze is a project designed to provide steganography capabilities to Mac OS payloads. Using python3, it will build an Obj-C file for you which will be compiled to pull desired encrypted URLs out of the stego file, fetch payloads over https, and execute them directly into memory. It utilizes...

7.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/07/20 12:0 a.m.33 views

openSUSE Security Update : nasm (openSUSE-2020-954)

This update for nasm fixes the following issues : nasm was updated to version 2.14.02. This allows building of Mozilla Firefox 78ESR and also contains lots of bugfixes, security fixes and improvements. - Fix crash due to multiple errors or warnings during the code generation pass if a list file i...

7.8CVSS6.5AI score0.05166EPSS
Exploits14References27
Tenable Nessus
Tenable Nessus
added 2020/07/20 12:0 a.m.29 views

openSUSE Security Update : nasm (openSUSE-2020-952)

This update for nasm fixes the following issues : nasm was updated to version 2.14.02. This allows building of Mozilla Firefox 78ESR and also contains lots of bugfixes, security fixes and improvements. - Fix crash due to multiple errors or warnings during the code generation pass if a list file i...

7.8CVSS6.5AI score0.05166EPSS
Exploits14References27
OPENSUSE Linux
OPENSUSE Linux
added 2020/07/13 12:0 a.m.56 views

Security update for nasm (moderate)

openSUSE Security Update: Security update for nasm Announcement ID: openSUSE-SU-2020:0952-1 Rating: moderate References: 1084631 1086186 1086227 1086228 1090519 1090840 1106878 1107592 1107594 1108404 1115758 1115774 1115795 1173538 Cross-References: CVE-2018-1000667 CVE-2018-10016 CVE-2018-10254...

7.8CVSS7.7AI score0.05166EPSS
Exploits14References14
Rows per page
Query Builder