DEBIAN-CVE-2020-24823

A vulnerability in the dwarf::tostring function of Libelfin v0.3 allows attackers to cause a denial of service DOS through a segmentation fault via a crafted ELF file...

Libelfin 注入漏洞

Libelfin is a C 11 library for reading ELF binaries and DWARFv4 debug information. A denial of service vulnerability exists in the elf::section::asstrtab function of Libelfin 0.3. An attacker could exploit this vulnerability to cause a denial of service via a specially crafted ELF file that cause...

CVE-2020-6574

Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed a local attacker to potentially achieve privilege escalation via a crafted binary...

UBUNTU-CVE-2020-6574

Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed a local attacker to potentially achieve privilege escalation via a crafted binary...

CVE-2020-6574

Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed a local attacker to potentially achieve privilege escalation via a crafted binary...

CVE-2020-6574

Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed a local attacker to potentially achieve privilege escalation via a crafted binary...

Denial Of Service (DoS)

valgrind:xenial is vulnerable to integer overflow. It is due to a flaw in cp-demangle.c in libiberty, allowing remote attackers to cause a denial of service segmentation fault and crash via a crafted binary, related to inconsistent use of the long and int types for lengths...

Denial Of Service (DoS)

Integer overflow in the gnuspecial function in libiberty allows remote attackers to cause a denial of service segmentation fault and crash via a crafted binary, related to the "demangling of virtual tables."...

chromium-browser: Insufficient policy enforcement in installer

Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed a local attacker to potentially achieve privilege escalation via a crafted binary...

CVE-2018-10373

concatfilename in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted binary file, as demonstrated by nm-new...

CVE-2020-10931

Memcached 1.6.x before 1.6.2 allows remote attackers to cause a denial of service daemon crash via a crafted binary protocol header to tryreadcommandbinary in memcached.c...

CVE-2020-10931

Memcached 1.6.x before 1.6.2 allows remote attackers to cause a denial of service daemon crash via a crafted binary protocol header to tryreadcommandbinary in memcached.c...

Sql injection

PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 does not properly handle errors while reading a protocol message, which allows remote attackers to conduct SQL injection attacks via crafted binary data in a parameter and causing an...

CVE-2018-10372

processcutuindex in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted binary file, as demonstrated by readelf...

DEBIAN-CVE-2019-5020

An exploitable denial of service vulnerability exists in the object lookup functionality of Yara 3.8.1. A specially crafted binary file can cause a negative value to be read to satisfy an assert, resulting in Denial of Service. An attacker can create a malicious binary to trigger this vulnerabili...

CVE-2018-20461

In radare2 prior to 3.1.1, coreanalbytes in libr/core/cmdanal.c allows attackers to cause a denial-of-service application crash caused by out-of-bounds read by crafting a binary file...

Code injection

An issue was discovered in VirusTotal. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious unsigned co...

UBUNTU-CVE-2018-12321

There is a heap out of bounds read in radare2 2.6.0 in javaswitchop in libr/anal/p/analjava.c via a crafted Java binary file...

CVE-2018-11382

The inststs function in radare2 2.5.0 allows remote attackers to cause a denial of service heap-based out-of-bounds read and application crash via a crafted binary file...

CVE-2018-11381

The stringscanrange function in radare2 2.5.0 allows remote attackers to cause a denial of service heap-based out-of-bounds read and application crash via a crafted binary file...