Adding Compilation Metadata to Binaries to Make Disassembly Decidable

The binary executable format is the standard method for distributing and executing software. Yet, it is also as opaque a representation of software as can be. If the binary format were augmented with metadata that provides security-relevant information, such as which data is intended by the...

EUVD-2025-208345

GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into displayrelocations, resulting in a segmentation fault SIGSEGV and...

CVE-2025-68239 binfmt_misc: restore write access before closing files opened by open_exec()

In the Linux kernel, the following vulnerability has been resolved: binfmtmisc: restore write access before closing files opened by openexec bmregisterwrite opens an executable file using openexec, which internally calls doopenexecat and denies write access on the file to avoid modification while...

PT-2025-51652

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s binfmt misc subsystem. Specifically, the bm register write function opens an executable file using open exec, which restricts write access to prevent...

PT-2025-40731

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the binfmt misc module related to a shift-out-of-bounds condition in the check special flags function. This condition was identified by UBSAN...

EUVD-2023-45122

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-40551

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's...

[SECURITY] [DSA 5983-1] qemu security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5983-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 22, 2025 https://www.debian.org/security/faq -...

BIT-LIBPYTHON-2022-48564

readints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format...

Linux Distros Unpatched Vulnerability : CVE-2019-11191

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Linux kernel through 5.0.7, when CONFIGIA32AOUT is enabled and ia32aout is loaded, allows local users to bypass ASLR on setuid a.out programs if any exist...

Malicious code in move-binary-format-wasm (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d6e47d2604861aead1b88adc5debb15c733e9012421604524480bc754379a50a Any computer that has this package installed or running should be considered...

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2024-2660)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Vulnerabilities in Google Protocol Buffers affect IBM watsonx.data

Summary Google Protocol Buffers and protobuf-java core and lite have multiple vulnerabilities that can affect watsonx.data. These vulnerablities include denail of service attacks and remote code executions, Vulnerability Details CVEID:CVE-2015-5237 DESCRIPTION: Google Protocol Buffers could allow...

EulerOS Virtualization 2.10.0 : shim (EulerOS-SA-2024-1993)

According to the versions of the shim package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP...

EulerOS 2.0 SP12 : shim (EulerOS-SA-2024-1776)

According to the versions of the shim package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summar...

EulerOS Virtualization 2.11.0 : shim (EulerOS-SA-2024-1638)

According to the versions of the shim package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTT...

Debian dla-3813 : shim-helpers-amd64-signed-template - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3813 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3813-1 [email protected]...

EulerOS 2.0 SP10 : shim (EulerOS-SA-2024-1579)

According to the versions of the shim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. Th...

EulerOS 2.0 SP10 : shim (EulerOS-SA-2024-1602)

According to the versions of the shim package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. Thi...

SUSE CVE-2023-40551

A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase...