882 matches found
CVE-2026-6067
A heap buffer overflow vulnerability exists in the Netwide Assembler NASM due to a lack of bounds checking in the objdirective function. This vulnerability can be exploited by a user assembling a malicious .asm file, potentially leading to heap memory corruption, denial of service crash, and...
UBUNTU-CVE-2026-6068
NASM contains a heap use after free vulnerability in response file -@ processing where a dangling pointer to freed memory is stored in the global dependfile and later dereferenced, as the response-file buffer is freed before the pointer is used, allowing for data corruption or remote code executi...
CVE-2026-6067
The CVE-2026-6067 entry concerns the Netwide Assembler (NASM). A heap buffer overflow is caused by insufficient bounds checking in the obj_directive() function. An attacker could exploit this by assembling a malicious .asm file, leading to heap memory corruption, crash (DoS), or arbitrary code ex...
Bugsink 输入验证错误漏洞
Bugsink is an open-source, self-hosted bug tracking software developed by Bugsink. Version 2.1.0 of Bugsink contains a vulnerability related to input validation. This vulnerability stems from an authentication-related file writing issue during the package assembly process. It may allow users with...
LLM4CodeRE: Generative AI for Code Decompilation Analysis and Reverse Engineering
Code decompilation analysis is a fundamental yet challenging task in malware reverse engineering, particularly due to the pervasive use of sophisticated obfuscation techniques. Although recent large language models LLMs have shown promise in translating low-level representations into high-level...
CVE-2017-20228 Flat Assembler 1.71.21 Stack-Based Buffer Overflow ROP
Flat Assembler 1.71.21 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input to the application. Attackers can craft malicious assembly input exceeding 5895 bytes to overwrite the instruction pointer and execute...
com.sap.hcp.cf.logging:sample-app-spring-boot (>=3.8.5 <=4.1.0), dev.vality:shared-resources (>=4.0.0-alpha1 <=4.0.0-alpha4) +1 more potentially affected by CVE-2026-33701 via io.opentelemetry.javaagent:opentelemetry-javaagent (>=2.15.0 <=2.23.0)
io.opentelemetry.javaagent:opentelemetry-javaagent MAVEN version =2.15.0, =3.8.5, =4.0.0-alpha1, =2.5.12, =2.6.4-hadoop3 Source cves: CVE-2026-33701 Source advisory: SNYK:JAVA-IOOPENTELEMETRYJAVAAGENT-15857172...
PX4-Autopilot 安全漏洞
PX4-Autopilot is an open-source drone autopilot system developed by PX4. Versions of PX4-Autopilot prior to 1.17.0-rc2 contained security vulnerabilities. These vulnerabilities stemmed from tattucan’s use of unbounded memory copying during its multi-frame assembly cycle, which could lead to stack...
org.apache.livy:livy-assembly (>=0.7.0-incubating <=0.8.0-incubating), org.apache.livy:livy-coverage-report (>=0.7.0-incubating <=0.8.0-incubating) +3 more potentially affected by CVE-2025-60012 via org.apache.livy:livy-server (>=0.7.0-incubating <=0.8.0-incubating)
org.apache.livy:livy-server MAVEN version =0.7.0-incubating, =0.7.0-incubating, =0.7.0-incubating, =0.7.0-incubating, =0.7.0-incubating, =2.0.0, =2.8.2 Source cves: CVE-2025-60012 Source advisory: SNYK:JAVA-ORGAPACHELIVY-15674462...
org.apache.livy:livy-assembly (>=0.4.0-incubating <=0.8.0-incubating), org.apache.livy:livy-coverage-report (>=0.4.0-incubating <=0.8.0-incubating) +3 more potentially affected by CVE-2025-66249 via org.apache.livy:livy-server (>=0.4.0-incubating <=0.8.0-incubating)
org.apache.livy:livy-server MAVEN version =0.4.0-incubating, =0.4.0-incubating, =0.4.0-incubating, =0.4.0-incubating, =0.6.0-incubating, =2.0.0, =2.8.2 Source cves: CVE-2025-66249 Source advisory: OSV:GHSA-H84F-4FF9-8HC3...
CVE-2026-32707
CVE-2026-32707 affects PX4 Autopilot with the tattu_can module. A stack buffer overflow results from an unbounded memcpy in the multi-frame assembly loop, allowing stack memory overwrite when crafted CAN frames are processed. In affected deployments where tattu_can is enabled, a CAN-injection cap...
CVE-2026-32707 PX4 autopilot has a stack buffer overflow in tattu_can due to unbounded memcpy in frame assembly loop
PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, tattucan contains an unbounded memcpy in its multi-frame assembly loop, allowing stack memory overwrite when crafted CAN frames are processed. In deployments where tattucan is enabled and running, a CAN-injection-capable...
org.apache.livy:livy-assembly (>=0.4.0-incubating <=0.8.0-incubating), org.apache.livy:livy-coverage-report (>=0.4.0-incubating <=0.8.0-incubating) +3 more potentially affected by CVE-2025-66249 via org.apache.livy:livy-server (>=0.4.0-incubating <=0.8.0-incubating)
org.apache.livy:livy-server MAVEN version =0.4.0-incubating, =0.4.0-incubating, =0.4.0-incubating, =0.4.0-incubating, =0.6.0-incubating, =2.0.0, =2.8.2 Source cves: CVE-2025-66249 Source advisory: SNYK:JAVA-ORGAPACHELIVY-15520260...
MGASA-2026-0053 Updated thunderbird packages fix security vulnerabilities
Incorrect boundary conditions in the WebRTC: Audio/Video component. CVE-2026-2757 Use-after-free in the JavaScript: GC component. CVE-2026-2758 Incorrect boundary conditions in the Graphics: ImageLib component. CVE-2026-2759 Sandbox escape due to incorrect boundary conditions in the Graphics:...
CLSA-2026-1772146785 httpd: Fix of CVE-2024-42516
CVE-2024-42516: fix HTTP response splitting by reordering header validation to occur after full response header assembly...
CLSA-2026-1772101499 httpd: Fix of CVE-2024-42516
CVE-2024-42516: fix HTTP response splitting by reordering header validation to occur after full response header assembly...
CLSA-2026-1772101256 httpd: Fix of CVE-2024-42516
CVE-2024-42516: fix HTTP response splitting by reordering header validation to occur after full response header assembly...
GHSA-3288-P39F-RQPV Unsoundness in opt-in ARMv8 assembly backend for `keccak`
Summary The asm! block enabled by the off-by-default asm feature, when enabled on ARMv8 targets, misspecified the operand type for all of its operands, using in for pointers and values which were subsequently mutated by operations performed within the assembly block. Impact It's unclear what...
Unsoundness in opt-in ARMv8 assembly backend for `keccak`
Summary The asm! block enabled by the off-by-default asm feature, when enabled on ARMv8 targets, misspecified the operand type for all of its operands, using in for pointers and values which were subsequently mutated by operations performed within the assembly block. Impact It's unclear what...
CVE-2026-26056
Yoke is a Helm-inspired infrastructure-as-code IaC package deployer. In 0.19.0 and earlier, a vulnerability exists in the Air Traffic Controller ATC component of Yoke. It allows users with CR create/update permissions to execute arbitrary WASM code in the ATC controller context by injecting a...