24 matches found
Astra Linux – Vulnerability in binutils
A vulnerability has been discovered in GNU Binutils 2.45. The affected element is the function elfswapshdr in the bfd/elfcode.h library of the Linker component. Manipulation of this function leads to a heap-based buffer overflow. This attack must be carried out locally. The exploit has been...
CVE-2026-39415
Frappe Learning Management System LMS is a learning system that helps users structure their content. Prior to 2.46.0, a vulnerability has been identified in Frappe Learning where quiz scores can be modified by students before submission. The application currently relies on client-side calculated...
EUVD-2026-20603
Frappe Learning Management System LMS is a learning system that helps users structure their content. Prior to 2.46.0, a vulnerability has been identified in Frappe Learning where quiz scores can be modified by students before submission. The application currently relies on client-side calculated...
Unity Linux 20.1070a Security Update: binutils (UTSA-2026-006232)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006232 advisory. A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elfswapshdr in the library bfd/elfcode.h of the component Linker. The...
CVE-2025-69649
GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into displayrelocations, resulting in a segmentation fault SIGSEGV and...
CVE-2025-69644
An issue was discovered in Binutils before 2.46. The objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed debug information. A logic flaw in the handling of DWARF location list headers can cause objdump to enter an unbounded loop and produce endless...
CVE-2026-23626 Kimai Vulnerable to Authenticated Server-Side Template Injection (SSTI)
Kimai is a web-based multi-user time-tracking application. Prior to version 2.46.0, Kimai's export functionality uses a Twig sandbox with an overly permissive security policy DefaultPolicy that allows arbitrary method calls on objects available in the template context. An authenticated user with...
Astra Linux – Vulnerability in binutils
A vulnerability was identified in GNU Binutils 2.45. The function getlinkhashentry in the bfd/elflink.c file of the Linker component is affected by this vulnerability. This manipulation causes an out-of-bounds read. The attack can only be executed locally. The exploit has been publicly disclosed...
binutils: GNU Binutils Linker heap-based overflow
A head based buffer overflow flaw has been discovered in GNU bin utilities. The affected element is the function elfswapshdr in the library bfd/elfcode.h of the component Linker. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally...
binutils: GNU Binutils Linker heap-based overflow
A head based buffer overflow flaw has been discovered in GNU bin utilities. The affected element is the function elfswapshdr in the library bfd/elfcode.h of the component Linker. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally...
binutils: GNU Binutils Linker heap-based overflow
A head based buffer overflow flaw has been discovered in GNU bin utilities. The affected element is the function elfswapshdr in the library bfd/elfcode.h of the component Linker. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally...
binutils: GNU Binutils Linker heap-based overflow
A head based buffer overflow flaw has been discovered in GNU bin utilities. Impacted is the function bfdelfparseehframe of the file bfd/elf-eh-frame.c of the component Linker. Executing manipulation can lead to heap-based buffer overflow. The attack is restricted to local execution...
TencentOS Server 4: gdb (TSSA-2025:0844)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0844 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
SUSE CVE-2025-11413
A vulnerability was found in GNU Binutils 2.45. Affected is the function elflinkaddobjectsymbols of the file bfd/elflink.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used...
SUSE CVE-2025-11414
A vulnerability was determined in GNU Binutils 2.45. Affected by this vulnerability is the function getlinkhashentry of the file bfd/elflink.c of the component Linker. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly disclosed and...
CVE-2025-11414 GNU Binutils Linker elflink.c get_link_hash_entry out-of-bounds
A vulnerability was determined in GNU Binutils 2.45. Affected by this vulnerability is the function getlinkhashentry of the file bfd/elflink.c of the component Linker. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly disclosed and...
AZL-67905 CVE-2025-11083 affecting package binutils for versions less than 2.37-19
A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elfswapshdr in the library bfd/elfcode.h of the component Linker. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclosed to the public an...
AZL-67919 CVE-2025-11083 affecting package binutils for versions less than 2.41-9
A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elfswapshdr in the library bfd/elfcode.h of the component Linker. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclosed to the public an...
DEBIAN-CVE-2025-11082
A flaw has been found in GNU Binutils 2.45. Impacted is the function bfdelfparseehframe of the file bfd/elf-eh-frame.c of the component Linker. Executing manipulation can lead to heap-based buffer overflow. The attack is restricted to local execution. The exploit has been published and may be use...
CVE-2025-11083 GNU Binutils Linker elfcode.h elf_swap_shdr heap-based overflow
A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elfswapshdr in the library bfd/elfcode.h of the component Linker. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclosed to the public an...