EUVD-2026-36016

Ghidra before 12.1 contains a heap-use-after-free vulnerability in the decompiler's HighVariable::merge function during the variable merging pass. Attackers can trigger this vulnerability by crafting a binary that causes stale pointers in the HighIntersectTest::highedgemap cache to be dereference...

National Security Agency Ghidra 资源管理错误漏洞

National Security Agency Ghidra is a software reverse-engineering framework developed by the National Security Agency NSA. Versions of National Security Agency Ghidra prior to version 12.1 contained a resource management vulnerability. This vulnerability stemmed from the use of the...

CVE-2026-34963 barebox EFI PE Loader Memory Safety Vulnerabilities

barebox version prior to 2026.04.0 contains multiple memory-safety vulnerabilities in the EFI PE loader in efi/loader/pe.c where integer overflow in virtual image size computation using 32-bit arithmetic on section VirtualAddress and size values allows undersized heap allocation, and PE section...

PT-2026-33826

NEMU OpenXiangShan/NEMU before v2025.12.r2 contains an improper instruction-validation flaw in its RISC-V Vector RVV decoder. The decoder does not correctly validate the funct3 field when decoding vsetvli/vsetivli/vsetvl, allowing certain invalid OP-V instruction encodings to be misinterpreted an...

CVE-2026-40527 radare2 Command Injection via DWARF Parameter Names

radare2 prior to commit bc5a890 contains a command injection vulnerability in the afsv/afsvj command path where crafted ELF binaries can embed malicious r2 command sequences as DWARF DWTAGformalparameter names. Attackers can craft a binary with shell commands in DWARF parameter names that execute...

GNU BinUtils 安全漏洞

GNU BinUtils is a set of programming tools for processing binary files in the GNU community in the United States. Versions of GNU BinUtils 2.45.1 and earlier contained a security vulnerability, which was caused by a logical flaw in the DWARF parsing of path handling for specially crafted binary...

SUSE CVE-2025-69644

An issue was discovered in Binutils before 2.46. The objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed debug information. A logic flaw in the handling of DWARF location list headers can cause objdump to enter an unbounded loop and produce endless...

AZL-79598 CVE-2025-69644 affecting package binutils 2.37-20

An issue was discovered in Binutils before 2.46. The objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed debug information. A logic flaw in the handling of DWARF location list headers can cause objdump to enter an unbounded loop and produce endless...

PT-2026-23728

Name of the Vulnerable Software and Affected Versions Binutils versions prior to 2.46 Description An issue exists in Binutils where the objdump utility is susceptible to denial-of-service. This occurs when processing a specially crafted binary file containing malformed debug information. A flaw i...

CVE-2025-69649

GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into displayrelocations, resulting in a segmentation fault SIGSEGV and...

CVE-2025-69644

An issue was discovered in Binutils before 2.46. The objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed debug information. A logic flaw in the handling of DWARF location list headers can cause objdump to enter an unbounded loop and produce endless...

CVE-2025-69644

CVE-2025-69644 affects Binutils before 2.46, where objdump may loop indefinitely when parsing crafted binaries with malformed DWARF debug information due to a logic flaw in DWARF location list header handling. This can cause unbounded resource consumption and endless output, enabling a local atta...

GNU Binutils readelf 安全漏洞

GNU Binutils readelf is a command-line tool from the American GNU community. Versions of GNU Binutils readelf 2.46 and earlier contained security vulnerabilities. These vulnerabilities stemmed from errors in relocation or symbol data parsing when processing specially crafted ELF binary files. The...

CVE-2025-69646

Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debugrnglists data. A logic error in the handling of the debugrnglists header can cause objdump to repeatedly print the same warning message and fail to terminate, resulting in an...

Unchecked Input for Loop Condition

Overview Affected versions of this package are vulnerable to Unchecked Input for Loop Condition through the processing of crafted binaries containing malformed DWARF debug information. An attacker can cause the application to crash or become unresponsive by supplying specially crafted input files...

Linux Distros Unpatched Vulnerability : CVE-2017-15056

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - plxelf.cpp in UPX 3.94 mishandles ELF headers, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other...

CVE-2024-44744

An issue in Malwarebytes Premium Security v5.0.0.883 allows attackers to execute arbitrary code via placing crafted binaries into unspecified directories. NOTE: Malwarebytes argues that this issue requires admin privileges and that the contents cannot be altered by non-admin users...

CVE-2024-44744

An issue in Malwarebytes Premium Security v5.0.0.883 allows attackers to execute arbitrary code via placing crafted binaries into unspecified directories. NOTE: Malwarebytes argues that this issue requires admin privileges and that the contents cannot be altered by non-admin users...

CVE-2024-44744

An issue in Malwarebytes Premium Security v5.0.0.883 allows attackers to execute arbitrary code via placing crafted binaries into unspecified directories. NOTE: Malwarebytes argues that this issue requires admin privileges and that the contents cannot be altered by non-admin users...

CVE-2024-44744

An issue in Malwarebytes Premium Security v5.0.0.883 allows attackers to execute arbitrary code via placing crafted binaries into unspecified directories. NOTE: Malwarebytes argues that this issue requires admin privileges and that the contents cannot be altered by non-admin users...