Lucene search
K

5088 matches found

OSV
OSV
added 2026/07/01 2:16 p.m.4 views

UBUNTU-CVE-2026-53351

In the Linux kernel, the following vulnerability has been resolved: riscv/ptrace: Use USERREGSETNOTETYPE for REGSETCFI Fixes a warning while dumping core: 54983.546369 C7 WARNING: !notename fs/binfmtelf.c:1771 at elfcoredump+0x910/0xf68, CPU7: abort01/31982...

5.7AI score0.00145EPSS
Exploits0References5
CVE
CVE
added 2026/06/27 9:22 a.m.25 views

CVE-2026-49414

CVE-2026-49414 is a local ASLR bypass in FreeBSD: the ELF image activator clears per-process ASLR preferences for setuid binaries after computing the PIE base, allowing an unprivileged local user to disable ASLR for a setuid PIE binary via procctl(2) before execve(2). This makes exploitation of a...

7.8CVSS5.8AI score0.00106EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/06/27 12:10 a.m.10 views

OSV-2026-973 Heap-buffer-overflow in bfd_getl16

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=528056360 Crash type: Heap-buffer-overflow READ 1 Crash state: bfdgetl16 m32relfgenericreloc bfdperformrelocation...

5.8AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/27 12:0 a.m.11 views

PT-2026-53064

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The ELF image activator cleared per-process ASLR Address Space Layout Randomization, a security technique that randomizes memory addresses to prevent exploitatio...

7.8CVSS5.8AI score0.00106EPSS
Exploits0References8
OSV
OSV
added 2026/06/22 8:35 p.m.3 views

GHSA-7CFQ-5MHV-JRP9 Inspektor Gadget: Unprivileged container can crash USDT note parser via crafted ELF (no shipped gadget affected)

Summary A malicious container can crash or destabilize the privileged Inspektor Gadget process when a gadget using USDT probes is deployed. The vulnerability is in the USDT note parser pkg/uprobetracer/usdt.go which is invoked when a gadget with a SEC"usdt/..." section attaches to a target binary...

6.3CVSS6.3AI score
Exploits0References5
GithubExploit
GithubExploit
added 2026/06/16 8:52 a.m.114 views

objdump-dlx-calc-poc

objdump dlx calc poc Small repro for an objdump -g crash-to...

5.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.12 views

EulerOS Virtualization 2.13.0 : binutils (EulerOS-SA-2026-2396)

According to the versions of the binutils packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of- bounds read in the bfd...

7.5CVSS6.4AI score0.00256EPSS
Exploits3References6
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.20 views

EulerOS Virtualization 2.13.1 : binutils (EulerOS-SA-2026-2367)

According to the versions of the binutils packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of- bounds read in the bfd...

7.5CVSS6.3AI score0.00256EPSS
Exploits3References6
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 p.m.13 views

CVE-2026-49497

Ghidra before 12.1 contains a path traversal vulnerability in SameDirDebugInfoProvider that fails to validate filenames from ELF binary .gnudebuglink sections before constructing file paths. Attackers can craft malicious ELF binaries with traversal sequences to probe filesystem existence and leak...

4.6CVSS5.6AI score0.00185EPSS
Exploits1References1
NVD
NVD
added 2026/06/10 8:17 p.m.9 views

CVE-2026-46529

Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution vulnerability in versions prior to 1.26.3 and 1.28.4 allows an attacker to achieve arbitrary code execution as the user by tricking them into clicking a link inside...

8.4CVSS0.00529EPSS
Exploits1References16
Debian CVE
Debian CVE
added 2026/06/10 7:46 p.m.8 views

CVE-2026-46529

Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution vulnerability in versions prior to 1.26.3 and 1.28.4 allows an attacker to achieve arbitrary code execution as the user by tricking them into clicking a link inside...

8.4CVSS6.5AI score0.00529EPSS
Exploits1
NVD
NVD
added 2026/06/10 2:16 p.m.17 views

CVE-2026-49497

Ghidra before 12.1 contains a path traversal vulnerability in SameDirDebugInfoProvider that fails to validate filenames from ELF binary .gnudebuglink sections before constructing file paths. Attackers can craft malicious ELF binaries with traversal sequences to probe filesystem existence and leak...

4.6CVSS0.00185EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/06/10 12:37 p.m.13 views

CVE-2026-49497 Ghidra < 12.1 - Path Traversal via .gnu_debuglink in DWARF External Debug File Resolution

Ghidra before 12.1 contains a path traversal vulnerability in SameDirDebugInfoProvider that fails to validate filenames from ELF binary .gnudebuglink sections before constructing file paths. Attackers can craft malicious ELF binaries with traversal sequences to probe filesystem existence and leak...

4.6CVSS5.6AI score0.00185EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.8 views

EulerOS 2.0 SP11 : binutils (EulerOS-SA-2026-2236)

According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header...

7.5CVSS6.1AI score0.00256EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.14 views

EulerOS Virtualization 2.13.0 : gdb (EulerOS-SA-2026-2164)

According to the versions of the gdb packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw has been found in GNU Binutils 2.45. Impacted is the function bfdelfparseehframe of the file bfd/elf-eh-frame.c of the componen...

7.8CVSS5.5AI score0.00667EPSS
Exploits6References7
RedhatCVE
RedhatCVE
added 2026/06/05 7:50 p.m.12 views

CVE-2026-21996

An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuildfilesymtab...

5.5CVSS5.5AI score0.0011EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:33 p.m.8 views

CVE-2026-45676

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI's replacement ELF parser trusts section offsets, counts, and string offsets from the executable file. A crafted local ELF can make OBI dereference invalid section...

5.5CVSS5.4AI score0.00162EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:23 p.m.10 views

CVE-2026-35233

An unprivileged attacker can craft a user-space process with a malicious ELF binary containing an out-of-range shlink field. When root-level dtrace attaches to -- or instruments -- that process via dtrace -p , pid probes, or USDT, the ELF parser reads heap memory beyond the allocated section cach...

4.4CVSS5.5AI score0.00108EPSS
Exploits0References1
NVD
NVD
added 2026/06/02 4:16 p.m.17 views

CVE-2026-45676

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI's replacement ELF parser trusts section offsets, counts, and string offsets from the executable file. A crafted local ELF can make OBI dereference invalid section...

5.5CVSS0.00162EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/06/02 3:23 p.m.8 views

CVE-2026-45676

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI's replacement ELF parser trusts section offsets, counts, and string offsets from the executable file. A crafted local ELF can make OBI dereference invalid section...

5.5CVSS5.8AI score0.00162EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder