EUVD-2022-38817

Malicious code in bioql PyPI...

Fedora 38 : cutter-re / rizin (2023-af305bed3d)

The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-af305bed3d advisory. rebase rizin to v0.5.1 and cutter-re to 0.2.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

GLSA-202209-06 : Rizin: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202209-06 Rizin: Multiple Vulnerabilities - Rizin v0.4.0 and below was discovered to contain an integer overflow via the function getlongobject. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted...

CVE-2022-36044

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when getting data from Luac files. A user opening a malicious Luac file could be affected by this vulnerability, allowing an attacker to execute code on t...

Out-of-bounds

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when getting data from Luac files. A user opening a malicious Luac file could be affected by this vulnerability, allowing an attacker to execute code on t...

CVE-2022-36044

CVE-2022-36044 affects Rizin 0.4.0 and earlier, due to an out-of-bounds write when processing Luac files. A malicious Luac file could allow code execution. Fixes are committed (07b43bc8... and 05bbd147...) and upstream/public advisories reference these patches. Connected sources note related fixe...

Rizin 缓冲区错误漏洞

Rizin is a free open source reverse engineering framework from the Rizin organization. It is used for analyzing binary files, disassembling code, debugging programs, as a forensic tool, as a scriptable command-line hex editor capable of opening disk files, and more. A buffer error vulnerability...

PT-2022-23139 · Rizin · Rizin

Name of the Vulnerable Software and Affected Versions: Rizin versions 0.4.0 and prior Description: Rizin is a UNIX-like reverse engineering framework and command-line toolset. The issue arises from an out-of-bounds write when getting data from Luac files. A user opening a malicious Luac file coul...

CVE-2022-36044 Rizin Out-of-bounds Write vulnerability in Lua binary plugin

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when getting data from Luac files. A user opening a malicious Luac file could be affected by this vulnerability, allowing an attacker to execute code on t...