CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

22 matches found

RedHat Linux•added 2026/03/23 2:35 a.m.•0 views

capstone: Capstone: Heap buffer overflow via skipdata callback allows denial of service or arbitrary code execution.

A flaw was found in Capstone, a disassembly framework. A local attacker could exploit a heap buffer overflow vulnerability by providing a specially crafted skipdata callback. This flaw occurs because the skipdata length is not properly bounds-checked, which may allow an attacker to write beyond...

7.8CVSS7.7AI score0.00014EPSS

Exploits1References6

RedHat Linux•added 2026/03/19 11:51 p.m.•1 views

capstone: Capstone: Heap buffer overflow via skipdata callback allows denial of service or arbitrary code execution.

7.8CVSS6.2AI score0.00014EPSS

Exploits1References6

RedHat Linux•added 2026/03/19 9:35 p.m.•11 views

capstone: Capstone: Heap buffer overflow via skipdata callback allows denial of service or arbitrary code execution.

7.8CVSS7.7AI score0.00014EPSS

Exploits1References6

RedHat Linux•added 2026/03/19 9:14 p.m.•2 views

capstone: Capstone: Heap buffer overflow via skipdata callback allows denial of service or arbitrary code execution.

7.8CVSS6.2AI score0.00014EPSS

Exploits1References6

RedHat Linux•added 2026/03/18 10:4 a.m.•2 views

Important: Red Hat Security Advisory: capstone security update

An update for capstone is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

9.8CVSS7.8AI score0.00038EPSS

Exploits1References3

RedHat Linux•added 2026/03/18 10:4 a.m.•2 views

capstone: Capstone: Memory corruption via unchecked vsnprintf return

A flaw was found in Capstone, a disassembly framework. An unchecked return value from vsnprintf within the SStreamconcat function allows a malicious input to manipulate the internal stream index. This can lead to a stack buffer underflow or overflow, potentially enabling a local attacker to achie...

9.8CVSS7.4AI score0.00038EPSS

Exploits0References6

Tenable Nessus•added 2026/03/05 12:0 a.m.•4 views

TencentOS Server 4: capstone (TSSA-2026:0098)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0098 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

9.8CVSS6.2AI score0.00038EPSS

Exploits1References3

Amazon•added 2026/02/05 12:0 a.m.•6 views

Medium: capstone

Issue Overview: Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds-checked, so a user-provided skipdata callback can make csdisasm/csdisasmiter memcpy more than 24 bytes into csinsn.bytes, causing a heap buffer overflow in the disassembly path...

7.8CVSS5.8AI score0.00014EPSS

Exploits1

RedhatCVE•added 2025/12/23 9:29 p.m.•1 views

CVE-2025-68114

Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, an unchecked vsnprintf return in SStreamconcat lets a malicious csoptmem.vsnprintf drive SStream’s index negative or past the end, leading to a stack buffer underflow/overflow when the next write occurs. Commit...

9.8CVSS7.1AI score0.00038EPSS

Exploits0References5

SUSE CVE•added 2025/12/19 12:26 a.m.•2 views

SUSE CVE-2025-67873

Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds-checked, so a user-provided skipdata callback can make csdisasm/csdisasmiter memcpy more than 24 bytes into csinsn.bytes, causing a heap buffer overflow in the disassembly path. Commit...

4.8CVSS7.4AI score0.00014EPSS

Exploits1References8

OSV•added 2025/12/17 10:16 p.m.•0 views

AZL-72697 CVE-2025-68114 affecting package capstone 4.0.2-4

9.8CVSS5.9AI score0.00038EPSS

Exploits0References1

OSV•added 2025/12/17 10:16 p.m.•0 views

AZL-72818 CVE-2025-67873 affecting package capstone 4.0.2-4

7.8CVSS6AI score0.00014EPSS

Exploits1References1

OSV•added 2025/12/17 10:16 p.m.•2 views

UBUNTU-CVE-2025-68114

9.8CVSS7.4AI score0.00038EPSS

Exploits0References4

OSV•added 2025/12/17 10:16 p.m.•0 views

AZL-72700 CVE-2025-67873 affecting package capstone 4.0.2-4

7.8CVSS6AI score0.00014EPSS

Exploits1References1

EUVD•added 2025/12/17 9:14 p.m.•2 views

EUVD-2025-203995

4.8CVSS6.6AI score0.00038EPSS

Exploits0References2

CVE•added 2025/12/17 9:14 p.m.•8 views

CVE-2025-68114

Capstone CVE-2025-68114 affects Capstone 6.0.0-Alpha5 and earlier. The vulnerability arises from an unchecked return value from vsnprintf in SStream_concat, which can drive SStream’s index negative or past the end and cause a stack buffer underflow/overflow on the next write. The issue has a fixe...

9.8CVSS6.7AI score0.00038EPSS

Exploits0References2Affected Software1

AlpineLinux•added 2025/12/17 9:14 p.m.•3 views

CVE-2025-68114

9.8CVSS7.2AI score0.00038EPSS

Exploits0

EUVD•added 2025/12/17 9:12 p.m.•1 views

EUVD-2025-203996

4.8CVSS6.8AI score0.00014EPSS

Exploits1References2

CNNVD•added 2025/12/17 12:0 a.m.•1 views

Capstone 安全漏洞

Capstone is a cross-platform disassembly framework from Capstone, Inc. that supports use for binary analysis and reverse engineering of secure communications, among other things. A security vulnerability exists in Capstone 6.0.0-Alpha5 and earlier versions, which stems from Skipdata length not...

7.8CVSS6.7AI score0.00014EPSS

Exploits1References3

Fedora•added 2018/09/21 5:38 a.m.•15 views

[SECURITY] Fedora 29 Update: capstone-3.0.5-1.fc29

Capstone is a disassembly framework with the target of becoming the ultimate disasm engine for binary analysis and reversing in the security community...

8.8CVSS3.2AI score0.00348EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by