Lucene search
K

884 matches found

Patchstack
Patchstack
added 2025/09/02 12:37 p.m.6 views

WordPress Assembly theme <= 1.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Assembly versions = 1.1...

8.1CVSS7AI score0.00445EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-44368

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NASM v2.16 was discovered to contain a null pointer deference in the NASM component CVE-2022-44368 Note that Nessus relies on the presence of the package as...

5.5CVSS6.1AI score0.00311EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2018-19842

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - getToken in libr/asm/p/asmx86nz.c in radare2 before 3.1.0 allows attackers to cause a denial of service stack-based buffer over-read via crafted x86 assembly...

5.5CVSS6.1AI score0.0096EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.1 views

Linux Distros Unpatched Vulnerability : CVE-2018-19209

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netwide Assembler NASM 2.14rc15 has a NULL pointer dereference in the function findlabel in asm/labels.c that will lead to a DoS attack. CVE-2018-19209 Note tha...

5.5CVSS5.5AI score0.00775EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2018-20459

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In radare2 through 3.1.3, the armassassemble function in libr/asm/arch/arm/armass.c allows attackers to cause a denial-of-service application crash by...

5.5CVSS6AI score0.00932EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2018-20457

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In radare2 through 3.1.3, the assemble function inside libr/asm/p/asmarmcs.c allows attackers to cause a denial-of-service application crash via an rnumcalc...

5.5CVSS5.9AI score0.00865EPSS
Exploits0References2
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-9786 Malicious code in @zalastax/nolb-_asm (npm)

The package @zalastax/nolb-asm was found to contain malicious code...

7.2AI score
Exploits0
NVD
NVD
added 2025/08/11 1:15 p.m.8 views

CVE-2025-8845

A vulnerability was identified in NASM Netwide Assember 2.17rc0. This issue affects the function assemblefile of the file nasm.c. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be...

7.8CVSS0.00247EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2019-6488

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The string component in the GNU C Library aka glibc or libc6 through 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register f...

7.8CVSS7.5AI score0.00436EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/09 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-49555

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the expandsmacro function in the modules/preprocs/nasm/nasm-pp.c...

5.5CVSS5.9AI score0.00378EPSS
Exploits1References3
Filippo.io
Filippo.io
added 2025/07/31 4:55 p.m.7 views

Go Assembly Mutation Testing

While maintaining and developing the Go cryptography standard library, we often spend significantly more time on testing than on implementation. That’s good and an important part of how we achieve our excellent security track record. Ideally, this would be especially true for the least safe parts...

7.4AI score
Exploits0
RedHat Linux
RedHat Linux
added 2025/07/29 8:15 a.m.3 views

firefox: thunderbird: Large branch table could lead to truncated instruction

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: On arm64, a WASM brtable instruction with a large number of entries could lead to the label being too far from the instruction, causing truncation and incorrect computation of th...

9.8CVSS7.3AI score0.00472EPSS
Exploits0References6
OSV
OSV
added 2025/07/18 11:15 p.m.6 views

UBUNTU-CVE-2025-7396

In wolfSSL release 5.8.2 blinding support is turned on by default for Curve25519 in applicable builds. The blinding configure option is only for the base C implementation of Curve25519. It is not needed, or available with; ARM assembly builds, Intel assembly builds, and the small Curve25519...

5.6CVSS5.8AI score0.00182EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2025/06/18 12:0 a.m.5 views

FARFETCH'D: a Side-Channel Analysis Framework for Privacy Applications on Confidential Virtual Machines

Confidential virtual machines CVMs based on trusted execution environments TEEs enable new privacy-preserving solutions. Yet, they leave side-channel leakage outside their threat model, shifting the responsibility of mitigating such attacks to developers. However, mitigations are either not gener...

6.9AI score
Exploits0
RedHat Linux
RedHat Linux
added 2025/06/10 10:39 a.m.3 views

crypto/internal/nistec: golang: Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec

A flaw was found in the Golang crypto/internal/nistec package. Due to the usage of a variable time instruction in the assembly implementation of an internal function, a small number of bits of secret scalars are leaked on the ppc64le architecture. Considering how this function is used, this leaka...

4CVSS7.1AI score0.00284EPSS
Exploits0References8
Packet Storm News
Packet Storm News
added 2025/06/05 12:0 a.m.8 views

Deconstructing Obfuscation: a Four-Dimensional Framework for Evaluating Large Language Models Assembly Code Deobfuscation Capabilities

Large language models LLMs have shown promise in software engineering, yet their effectiveness for binary analysis remains unexplored. We present the first comprehensive evaluation of commercial LLMs for assembly code deobfuscation. Testing seven state-of-the-art models against four obfuscation...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:4 a.m.6 views

CVE-2023-37613

A cross-site scripting XSS vulnerability in Assembly Software Trialworks v11.4 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the asset src parameter...

6.1CVSS5.8AI score0.0038EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 8:14 p.m.5 views

CVE-2021-39997

There is a vulnerability of unstrict input parameter verification in the audio assembly.Successful exploitation of this vulnerability may cause out-of-bounds access...

9.8CVSS7.2AI score0.00796EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:45 a.m.13 views

CVE-2017-13666

An integer underflow vulnerability exists in pixel-a.asm, the x86 assembly code for planeClipAndMax in MulticoreWare x265 through 2.5, as used in libbpg and other products. A small height value can cause an integer underflow, which leads to a crash. This is a different vulnerability than...

5.5CVSS6.5AI score0.00799EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:59 a.m.9 views

CVE-2017-7716

The readu32leb128 function in libr/util/uleb128.c in radare2 1.3.0 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted Web Assembly file...

5.5CVSS6.9AI score0.00723EPSS
Exploits0References1
Rows per page
Query Builder