SUSE CVE-2017-9749

The regs macros in opcodes/bfin-dis.c in GNU Binutils 2.28 allow remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution...

FreeBSD : zydis -- heap buffer overflow (d487d4fc-43a8-11ed-8b01-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the d487d4fc-43a8-11ed-8b01-b42e991fc52e advisory. - Zydis is an x86/x86-64 disassembler library. Users of Zydis versions v3.2.0 and older that use the...

DEBIAN-CVE-2022-41420

nasm v2.16 was discovered to contain a stack overflow in the Ndisasm component...

Fedora: Security Advisory for rizin (FEDORA-2022-ff2aa5643d)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 37 Update: rizin-0.4.1-1.fc37

Rizin is a free and open-source Reverse Engineering framework, providing a complete binary analysis experience with features like Disassembler, Hexadecimal editor, Emulation, Binary inspection, Debugger, and more. Rizin is a fork of radare2 with a focus on usability, working features and co de...

lldb bug fix and enhancement update

An update is available for lldb. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list LLDB is a next generation, high-performance debugger. It is built as a set of...

Patching - An Interactive Binary Patching Plugin For IDA Pro

Patching assembly code to change the behavior of an existing program is not uncommon in malware analysis, software reverse engineering, and broader domains of security research. This project extends the popular IDA Pro disassembler to create a more robust interactive binary patching workflow...

Fhex - A Full-Featured HexEditor

This project is born with the aim to develop a lightweight, but useful tool. The reason is that the existing hex editors have some different limitations e.g. too many dependencies, missing hex coloring features, etc.. This project is based on qhexedit2 , capstone and keystone engines. New feature...

CVE-2021-41253

Zydis is an x86/x86-64 disassembler library. Users of Zydis versions v3.2.0 and older that use the string functions provided in zycore in order to append untrusted user data to the formatter buffer within their custom formatter hooks can run into heap buffer overflows. Older versions of Zydis...

Heap overflow

Zydis is an x86/x86-64 disassembler library. Users of Zydis versions v3.2.0 and older that use the string functions provided in zycore in order to append untrusted user data to the formatter buffer within their custom formatter hooks can run into heap buffer overflows. Older versions of Zydis...

CVE-2021-41253

Summary: CVE-2021-41253 affects Zydis

Rz-Ghidra - Deep Ghidra Decompiler And Sleigh Disassembler Integration For Rizin

This is an integration of the Ghidra decompiler and Sleigh Disassembler for rizin. It is solely based on the decompiler part of Ghidra, which is written entirely in C++, so Ghidra itself is not required at all and the plugin can be built self-contained. This project was presented, initially for...

SUSE: Security Advisory (SUSE-SU-2020:3552-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The leap of a Cycldek-related threat actor

Introduction In the nebula of Chinese-speaking threat actors, it is quite common to see tools and methodologies being shared. One such example of this is the infamous "DLL side-loading triad": a legitimate executable, a malicious DLL to be sideloaded by it, and an encoded payload, generally dropp...

ImHex - A Hex Editor For Reverse Engineers, Programmers And People That Value Their Eye Sight When Working At 3 AM.

A Hex Editor for Reverse Engineers, Programmers and people that value their eye sight when working at 3 AM. Features Featureful hex view Byte patching Patch management Copy bytes as feature Bytes Hex string C, C++, C, Rust, Python, Java & JavaScript array ASCII-Art hex view HTML self contained di...

pwntools

This is an offensive tool for binary exploitation. It is a Python library called pwntools, which provides a set of tools for binary exploitation and reverse engineering. The library is designed to be used by security researchers and penetration testers to identify and exploit vulnerabilities in...

SUSE-SU-2020:3060-1 Security update for binutils

This update for binutils fixes the following issues: binutils was updated to version 2.35. jscECO-2373 Update to binutils 2.35: The assembler can now produce DWARF-5 format line number tables. Readelf now has a 'lint' mode to enable extra checks of the files it is processing. Readelf will now...

Dsync - IDAPython Plugin That Synchronizes Disassembler And Decompiler Views

IDAPython plugin that synchronizes decompiled and disassembled code views. Please refer to comments in the source code for more details. Requires 7.2 Download Dsync...

RetDec - A Retargetable Machine-Code Decompiler Based On LLVM

RetDec is a retargetable machine-code decompiler based on LLVM. The decompiler is not limited to any particular target architecture, operating system, or executable file format: Supported file formats: ELF, PE, Mach-O, COFF, AR archive, Intel HEX, and raw machine code Supported architectures:...

New IDA Pro plugin provides TileGX support

By Jonas Zaddach Overview Cisco Talos has a new plugin available for IDA Pro that provides a new disassembler for TileGX binaries. This tool should assist researchers in reverse-engineering threats in IDA Pro that target TileGX. We started developing this tool after the VPNFilter campaign last...