240 matches found
Astra Linux - уязвимость в binutils
“findabstractinstance” in dwarf2.c, located in the Binary File Descriptor BFD library also known as libbfd, as part of GNU Binutils 2.32, allows remote attackers to cause a denial of service infinite recursion and application crash through a crafted ELF file...
CVE-2026-6845
A flaw was found in binutils, specifically within the readelf utility. This vulnerability allows a local attacker to cause a Denial of Service DoS by tricking a user into processing a specially crafted Executable and Linkable Format ELF file. The exploitation of this flaw can lead to the system...
CVE-2026-6844 Binutils: binutils: denial of service vulnerabilities in readelf via crafted elf files
A flaw was found in the readelf utility of the binutils package. A local attacker could exploit two Denial of Service DoS vulnerabilities by providing a specially crafted Executable and Linkable Format ELF file. One vulnerability, a resource exhaustion CWE-400, can lead to an out-of-memory...
CVE-2026-6845 Binutils: binutils: denial of service via crafted elf file
A flaw was found in binutils, specifically within the readelf utility. This vulnerability allows a local attacker to cause a Denial of Service DoS by tricking a user into processing a specially crafted Executable and Linkable Format ELF file. The exploitation of this flaw can lead to the system...
CVE-2026-6845
A flaw was found in binutils, specifically within the readelf utility. This vulnerability allows a local attacker to cause a Denial of Service DoS by tricking a user into processing a specially crafted Executable and Linkable Format ELF file. The exploitation of this flaw can lead to the system...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the readelf process. An attacker can cause the application to crash or exhaust system resources by convincing a user to process a specially crafted ELF file. Workaround This vulnerability can be mitigated by...
CVE-2026-30479
A flaw was found in MapServer. This Dynamic-link Library DLL Injection vulnerability allows attackers to execute arbitrary code. The flaw can be exploited by providing a specially crafted executable, potentially leading to unauthorized control over the affected system...
CVE-2026-30478
A Dynamic-link Library Injection vulnerability in GatewayGeo MapServer for Windows version 5 allows attackers to escalate privileges via a crafted executable...
EUVD-2026-20960
A Dynamic-link Library Injection vulnerability in GatewayGeo MapServer for Windows version 5 allows attackers to escalate privileges via a crafted executable...
CVE-2026-30478
A Dynamic-link Library Injection vulnerability in GatewayGeo MapServer for Windows version 5 allows attackers to escalate privileges via a crafted executable...
CVE-2026-30479
A Dynamic-link Library Injection vulnerability in OSGeo Project MapServer before v8.0 allows attackers to execute arbitrary code via a crafted executable...
UBUNTU-CVE-2026-30479
A Dynamic-link Library Injection vulnerability in OSGeo Project MapServer before v8.0 allows attackers to execute arbitrary code via a crafted executable...
CVE-2026-30478
CVE-2026-30478 describes a DLL injection vulnerability in GatewayGeo MapServer for Windows version 5 that allows privilege escalation via a crafted executable. According to the CVE entry, the attack is local with low attack complexity and no user interaction, and it yields high impact on confiden...
CVE-2026-30479
A Dynamic-link Library Injection vulnerability in OSGeo Project MapServer before v8.0 allows attackers to execute arbitrary code via a crafted executable...
PT-2026-31645
A Dynamic-link Library Injection vulnerability in OSGeo Project MapServer before v8.0 allows attackers to execute arbitrary code via a crafted executable...
CVE-2026-30479
A Dynamic-link Library Injection vulnerability in OSGeo Project MapServer before v8.0 allows attackers to execute arbitrary code via a crafted executable...
CVE-2026-30479
A Dynamic-link Library Injection vulnerability in OSGeo Project MapServer before v8.0 allows attackers to execute arbitrary code via a crafted executable...
PT-2026-31656
A Dynamic-link Library Injection vulnerability in GatewayGeo MapServer for Windows version 5 allows attackers to escalate privileges via a crafted executable...
GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort (SIGABRT) when processing a crafted ELF binary with malformed DWARF abbrev or debug information. Due to incomplete state cleanup in process_debug_info(), an invalid debug_info_p state may propagate into DWARF attribute parsing routines. When certain malformed attributes result in an unexpected data length of zero, byte_get_little_endian() triggers a fatal abort. No evidence of memory corruption or code execution was observed; the impact is limited to denial of service.
...
CVE-2025-69649
A flaw was found in binutils. Processing a specially crafted ELF binary file containing malformed header fields with the readelf program can trigger a NULL pointer dereference, causing a crash and resulting in a denial of service. Mitigation To mitigate this vulnerability, do not process untruste...