415 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-20051
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A floating-point exception was discovered in PackLinuxElf::elfhash in plxelf.cpp in UPX 3.95. The vulnerability causes an application crash, which leads to deni...
Linux Distros Unpatched Vulnerability : CVE-2023-23456
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap-based buffer overflow issue was discovered in UPX in PackTmt::pack in ptmt.cpp file. The flow allows an attacker to cause a denial of service abort via a...
AZL-66759 CVE-2025-58058 affecting package packer for versions less than 1.9.5-10
xz is a pure golang package for reading and writing xz-compressed files. Prior to version 0.5.14, it is possible to put data in front of an LZMA-encoded byte stream without detecting the situation while reading the header. This can lead to increased memory consumption because the current...
AZL-66741 CVE-2025-58058 affecting package packer for versions less than 1.9.5-15
xz is a pure golang package for reading and writing xz-compressed files. Prior to version 0.5.14, it is possible to put data in front of an LZMA-encoded byte stream without detecting the situation while reading the header. This can lead to increased memory consumption because the current...
Fedora: Security Advisory (FEDORA-2025-9988949ccd)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GHSA-J5PM-7495-QMR3 vulnerabilities
Vulnerabilities for packages: trivy, datadog-agent, influxd, caddy, crossplane-provider-azure-managedidentity, fulcio, http-echo, kube-bench, custom-pod-autoscaler-fips, ingress-nginx-controller, opa, postgres-operator-fips, docker-machine-driver-harvester, loki-3.6,...
[SECURITY] Fedora 41 Update: perl-PAR-Packer-1.063-6.fc41
This module implements the App::Packer::Backend interface, for generating stand-alone executables, perl scripts and PAR files...
[SECURITY] Fedora 42 Update: perl-PAR-Packer-1.064-2.fc42
This module implements the App::Packer::Backend interface, for generating stand-alone executables, perl scripts and PAR files...
CVE-2025-22872 affecting package packer for versions less than 1.9.5-13
CVE-2025-22872 affecting package packer for versions less than 1.9.5-13. A patched version of the package is available...
PackHero: a Scalable Graph-Based Approach for Efficient Packer Identification
Anti-analysis techniques, particularly packing, challenge malware analysts, making packer identification fundamental. Existing packer identifiers have significant limitations: signature-based methods lack flexibility and struggle against dynamic evasion, while Machine Learning approaches require...
CVE-2022-42717
An issue was discovered in Hashicorp Packer before 2.3.1. The recommended sudoers configuration for Vagrant on Linux is insecure. If the host has been configured according to this documentation, non-privileged users on the host can leverage a wildcard in the sudoers configuration to execute...
Malicious code in packer-docs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1782d63cb233376840f8858730ae3188cb861a13f2d159a3a045a4157017f0ac Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3913 Malicious code in packer-docs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1782d63cb233376840f8858730ae3188cb861a13f2d159a3a045a4157017f0ac Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Exploit for CVE-2025-47256
CVE-2025-47256 Stack overflow in LibXMP Description A stack...
[SECURITY] Fedora 40 Update: perl-PAR-Packer-1.063-3.fc40
This module implements the App::Packer::Backend interface, for generating stand-alone executables, perl scripts and PAR files...
CVE-2024-51744 affecting package packer for versions less than 1.9.5-8
CVE-2024-51744 affecting package packer for versions less than 1.9.5-8. A patched version of the package is available...
[SECURITY] Fedora 41 Update: perl-PAR-Packer-1.063-5.fc41
This module implements the App::Packer::Backend interface, for generating stand-alone executables, perl scripts and PAR files...
[SECURITY] Fedora 42 Update: perl-PAR-Packer-1.063-6.fc42
This module implements the App::Packer::Backend interface, for generating stand-alone executables, perl scripts and PAR files...
AZL-60604 CVE-2025-22872 affecting package packer for versions less than 1.9.5-13
The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character / as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content...
[SECURITY] Fedora 42 Update: upx-5.0.0-1.fc42
UPX is a free, portable, extendable, high-performance executable packer for several different executable formats. It achieves an excellent compression ratio and offers very fast decompression. Your executables suffer no memory overhead or other drawbacks...