PT-2026-23907

A vulnerability was determined in Planet ICG-2510 1.0 20250811. The impacted element is the function sub 40C8E4 of the file /usr/sbin/httpd of the component Language Package Configuration Handler. Executing a manipulation of the argument Language can lead to stack-based buffer overflow. The attac...

Linux Distros Unpatched Vulnerability : CVE-2025-69644

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Binutils before 2.46. The objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed debug...

EUVD-2025-208345

GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into displayrelocations, resulting in a segmentation fault SIGSEGV and...

CVE-2025-69649

GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into displayrelocations, resulting in a segmentation fault SIGSEGV and...

UBUNTU-CVE-2025-69652

GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort SIGABRT when processing a crafted ELF binary with malformed DWARF abbrev or debug information. Due to incomplete state cleanup in processdebuginfo, an invalid debuginfop state may propagate into DWARF attribute parsing...

AZL-79568 CVE-2025-69645 affecting package binutils 2.41-10

Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug information. A logic error in the handling of DWARF compilation units can result in an invalid offsetsize value being used inside bytegetlittleendian, leading to an abort SIGABR...

DEBIAN-CVE-2025-69646

Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debugrnglists data. A logic error in the handling of the debugrnglists header can cause objdump to repeatedly print the same warning message and fail to terminate, resulting in an...

DEBIAN-CVE-2025-69644

An issue was discovered in Binutils before 2.46. The objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed debug information. A logic flaw in the handling of DWARF location list headers can cause objdump to enter an unbounded loop and produce endless...

CVE-2026-29121

International Data Casting IDC SFX2100 satellite receiver comes with the /sbin/ip utility installed with the setuid bit set. This configuration grants elevated privileges to any local user who can execute the binary. A local actor is able to use the GTFObins resource to preform privileged file...

CVE-2025-69644

An issue was discovered in Binutils before 2.46. The objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed debug information. A logic flaw in the handling of DWARF location list headers can cause objdump to enter an unbounded loop and produce endless...

YARA-X 1.14.0

YARA-X is a re-incarnation of YARA, a pattern matching tool designed with malware researchers in mind. This new incarnation intends to be faster, safer and more user-friendly than its predecessor. The ultimate goal of YARA-X is replacing YARA as the default pattern matching tool for malware...

CVE-2025-69644

An issue was discovered in Binutils before 2.46. The objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed debug information. A logic flaw in the handling of DWARF location list headers can cause objdump to enter an unbounded loop and produce endless...

CVE-2025-69649

CVE-2025-69649 affects GNU Binutils up to version 2.46 (readelf). A vulnerability in relocation processing can pass an invalid or null section pointer to display_relocations(), causing a null pointer dereference that leads to a segmentation fault (SIGSEGV) and process termination. The available s...

CVE-2025-69646

CVE-2025-69646 affects GNU Binutils’ objdump. A logic error in handling the debug_rnglists header when processing a crafted binary (notably seen in binutils 2.44) can cause an unbounded logging loop, consuming CPU/I/O and preventing completion of objdump analysis. Affected component: objdump in b...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005631)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005631 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/binfmtelf: Fix memory leak in loadelfbinary There is a memory leak reported by kmemleak:...

Access of Uninitialized Pointer

Overview Affected versions of this package are vulnerable to Access of Uninitialized Pointer in the processgotsectioncontents function when handling a specially crafted ELF binary containing malformed relocation or symbol data. An attacker can cause the application to terminate abnormally by...

Reachable Assertion

Overview Affected versions of this package are vulnerable to Reachable Assertion in the readelf process when parsing a specially crafted ELF binary containing malformed DWARF abbrev or debug information. An attacker can cause the application to abort and crash by convincing a user to process a...

USN-8076-1 qtbase-opensource-src vulnerabilities

It was discovered that Qt did not correctly handle OpenSSL's error queue. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 20.04 LTS. CVE-2020-13962 It was discovered that Qt incorrectly handled certain XBM image files. If a user or...

CVE-2026-27749

CVE-2026-27749 affects Avira Internet Security, specifically the System Speedup component. The vulnerability arises from deserialization of untrusted data by the privileged process Avira.SystemSpeedup.RealTimeOptimizer.exe (running as SYSTEM) which reads a file under C:\ProgramData and deserializ...

CVE-2026-27749

Avira Internet Security contains a deserialization of untrusted data vulnerability in the System Speedup component. The Avira.SystemSpeedup.RealTimeOptimizer.exe process, which runs with SYSTEM privileges, deserializes data from a file located in C:\ProgramData using .NET BinaryFormatter without...