Lucene search
K

148 matches found

CNNVD
CNNVD
added 2026/03/28 12:0 a.m.6 views

Varaneckas JAD Java Decompiler 缓冲区错误漏洞

Varaneckas JAD Java Decompiler is a tool developed by Varaneckas Corporation that decompiles Java bytecode into readable source code. Versions of Varaneckas JAD Java Decompiler 1.5.8e-1kali1 and earlier contained a buffer error vulnerability. This vulnerability stemmed from a stack buffer overflo...

9.8CVSS6.4AI score0.00668EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/01/13 10:52 p.m.7 views

CVE-2026-22612

Fickling is a Python pickling decompiler and static analyzer. Prior to version 0.1.7, Fickling is vulnerable to detection bypass due to "builtins" blindness. This issue has been patched in version 0.1.7...

9.3CVSS6.9AI score0.00264EPSS
Exploits0References1
NVD
NVD
added 2026/01/10 2:15 a.m.25 views

CVE-2026-22612

Fickling is a Python pickling decompiler and static analyzer. Prior to version 0.1.7, Fickling is vulnerable to detection bypass due to "builtins" blindness. This issue has been patched in version 0.1.7...

9.3CVSS0.00264EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/10 1:35 a.m.22 views

CVE-2026-22612 Fickling vulnerable to detection bypass due to "builtins" blindness

Fickling is a Python pickling decompiler and static analyzer. Prior to version 0.1.7, Fickling is vulnerable to detection bypass due to "builtins" blindness. This issue has been patched in version 0.1.7...

9.3CVSS0.00264EPSS
Exploits0References3
CVE
CVE
added 2026/01/10 1:35 a.m.22 views

CVE-2026-22612

Summary of CVE-2026-22612 : Fickling (Python pickling decompiler/static analyzer) before version 0.1.7 is vulnerable to a detection bypass caused by “builtins” blindness. This allows crafted pickle payloads to bypass security analysis, as shown by example payloads that construct and execute code ...

9.3CVSS6.5AI score0.00264EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/01/10 1:35 a.m.5 views

CVE-2026-22606 Fickling has a bypass via runpy.run_path() and runpy.run_module()

Fickling is a Python pickling decompiler and static analyzer. Fickling versions up to and including 0.1.6 do not treat Python’s runpy module as unsafe. Because of this, a malicious pickle that uses runpy.runpath or runpy.runmodule is classified as SUSPICIOUS instead of OVERTLYMALICIOUS. If a user...

9.3CVSS7AI score0.00425EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/01/10 12:0 a.m.2 views

Fickling 代码问题漏洞

Fickling is an open source decompiler and static analyzer for Python by Trail of Bits. A code issue vulnerability exists in Fickling version 0.1.6 and earlier, which stems from failing to mark the runpy module as unsafe, which could lead to the execution of attacker-controlled code...

9.3CVSS6.8AI score0.00425EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/01/10 12:0 a.m.8 views

PT-2026-2232

Name of the Vulnerable Software and Affected Versions Fickling versions prior to 0.1.7 Description Fickling, a Python pickling decompiler and static analyzer, is susceptible to a detection bypass due to a "builtins" blindness issue. This allows for potential circumvention of security measures...

9.3CVSS6.5AI score0.00264EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/01/10 12:0 a.m.4 views

Fickling 代码问题漏洞

Fickling is an open source decompiler and static analyzer for Python by Trail of Bits. Fickling 0.1.7 before the version of the code problem vulnerability , the vulnerability stems from the existence of detection blindness to the builder module , which may lead to detection bypass...

9.3CVSS6.7AI score0.00264EPSS
Exploits0References3
OSV
OSV
added 2026/01/01 9:15 p.m.3 views

DEBIAN-CVE-2025-15412

A security vulnerability has been detected in WebAssembly wabt up to 1.0.39. This issue affects the function wabt::Decompiler::VarName of the file /src/repro/wabt/bin/wasm-decompile of the component wasm-decompile. Such manipulation leads to out-of-bounds read. Local access is required to approac...

7.8CVSS4.9AI score0.00179EPSS
Exploits1References1
OSV
OSV
added 2026/01/01 9:15 p.m.6 views

CVE-2025-15412

A security vulnerability has been detected in WebAssembly wabt up to 1.0.39. This issue affects the function wabt::Decompiler::VarName of the file /src/repro/wabt/bin/wasm-decompile of the component wasm-decompile. Such manipulation leads to out-of-bounds read. Local access is required to approac...

7.8CVSS6.5AI score
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/01/01 9:15 p.m.7 views

CVE-2025-15412

A security vulnerability has been detected in WebAssembly wabt up to 1.0.39. This issue affects the function wabt::Decompiler::VarName of the file /src/repro/wabt/bin/wasm-decompile of the component wasm-decompile. Such manipulation leads to out-of-bounds read. Local access is required to approac...

7.8CVSS5.6AI score0.00179EPSS
Exploits1References6
OSV
OSV
added 2026/01/01 9:15 p.m.4 views

UBUNTU-CVE-2025-15412

A security vulnerability has been detected in WebAssembly wabt up to 1.0.39. This issue affects the function wabt::Decompiler::VarName of the file /src/repro/wabt/bin/wasm-decompile of the component wasm-decompile. Such manipulation leads to out-of-bounds read. Local access is required to approac...

7.8CVSS5.2AI score0.00179EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2025/12/17 12:55 a.m.6 views

CVE-2025-67748

Fickling is a Python pickling decompiler and static analyzer. Versions prior to 0.1.6 had a bypass caused by pty missing from the block list of unsafe module imports. This led to unsafe pickles based on pty.spawn being incorrectly flagged as LIKELYSAFE, and was fixed in version 0.1.6. This impact...

8.5CVSS6.8AI score0.00235EPSS
Exploits1References1
NVD
NVD
added 2025/12/16 1:15 a.m.7 views

CVE-2025-67748

Fickling is a Python pickling decompiler and static analyzer. Versions prior to 0.1.6 had a bypass caused by pty missing from the block list of unsafe module imports. This led to unsafe pickles based on pty.spawn being incorrectly flagged as LIKELYSAFE, and was fixed in version 0.1.6. This impact...

8.5CVSS0.00235EPSS
Exploits1References3
PyPA
PyPA
added 2025/12/16 1:15 a.m.10 views

PYSEC-2025-113

Fickling is a Python pickling decompiler and static analyzer. Versions prior to 0.1.6 had a bypass caused by pty missing from the block list of unsafe module imports. This led to unsafe pickles based on pty.spawn being incorrectly flagged as LIKELYSAFE, and was fixed in version 0.1.6. This impact...

8.5CVSS5.8AI score0.00235EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2025/12/16 12:39 a.m.35 views

CVE-2025-67748 Fickling has Code Injection vulnerability via pty.spawn()

Fickling is a Python pickling decompiler and static analyzer. Versions prior to 0.1.6 had a bypass caused by pty missing from the block list of unsafe module imports. This led to unsafe pickles based on pty.spawn being incorrectly flagged as LIKELYSAFE, and was fixed in version 0.1.6. This impact...

8.5CVSS0.00235EPSS
Exploits1References3
OSV
OSV
added 2025/12/16 12:39 a.m.5 views

CVE-2025-67748 Fickling has Code Injection vulnerability via pty.spawn()

Fickling is a Python pickling decompiler and static analyzer. Versions prior to 0.1.6 had a bypass caused by pty missing from the block list of unsafe module imports. This led to unsafe pickles based on pty.spawn being incorrectly flagged as LIKELYSAFE, and was fixed in version 0.1.6. This impact...

8.5CVSS6.7AI score0.00235EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/12/16 12:0 a.m.9 views

PT-2025-51355

Name of the Vulnerable Software and Affected Versions Fickling versions prior to 0.1.6 Description Fickling, a Python pickling decompiler and static analyzer, contained a bypass related to missing unsafe module imports. Specifically, the pty module was not included in the block list, leading to...

8.5CVSS6.4AI score0.00235EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2010-5222

Malware in sbrugna...

6.9CVSS6.4AI score0.00399EPSS
Exploits0References3
Rows per page
Query Builder