EUVD-2017-17718

Malware in sbrugna...

EUVD-2019-10609

Malware in sbrugna...

EUVD-2015-6989

Malware in sbrugna...

Fedora 38 : cutter-re / rizin (2023-af305bed3d)

The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-af305bed3d advisory. rebase rizin to v0.5.1 and cutter-re to 0.2.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

GLSA-202209-06 : Rizin: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202209-06 Rizin: Multiple Vulnerabilities - Rizin v0.4.0 and below was discovered to contain an integer overflow via the function getlongobject. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the getle64 function in bele.h via a crafted Mach-O file. Remediation Upgrade upx to version 4.2.1 or higher. References - GitHub Commit - GitHub Issue Credit: giantbranch of NSFOCUS Security Team...

DEBIAN-CVE-2020-27800

A heap-based buffer over-read was discovered in the getle32 function in bele.h in UPX 4.0.0 via a crafted Mach-O file...

UBUNTU-CVE-2021-3402

An integer overflow and several buffer overflow reads in libyara/modules/macho/macho.c in YARA v4.0.3 and earlier could allow an attacker to either cause denial of service or information disclosure via a malicious Mach-O file. Affects all versions before libyara 4.0.4...

PT-2022-8873 · Upx +2 · Upx +2

Name of the Vulnerable Software and Affected Versions: UPX version 4.0.0 Description: A heap-based buffer over-read issue was discovered in the acc ua get be32 function, located in the miniacc.h file, which can be exploited via a crafted Mach-O file. Recommendations: For UPX version 4.0.0, at the...

Bypass Glitch Allows Malware to Masquerade as Legit Apple Files

Masquerading as an official Apple system file sounds like a wonderful way for malware to worm its way onto Macs – and a recently discovered code-signing bypass flaw allows bad code to do just that. The way some developers have implemented Apple’s official code-signing API can be exploited by...

UBUNTU-CVE-2018-8810

In radare2 2.4.0, there is a heap-based buffer over-read in the getivarlistt function of mach0classes.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted Mach-O file...

PT-2017-14606 · Upx +1 · Upx +1

Name of the Vulnerable Software and Affected Versions: UPX version 3.94 Description: The issue allows remote attackers to cause a denial of service, resulting in invalid memory access and application crash, or possibly have other unspecified impacts via a crafted Mach-O file. This is related to t...

CVE-2017-7136

An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted Mach-O file...

Apple Memory Corruption Vulnerability (CNVD-2017-32723)

Apple Xcode is a set of integrated development environments IDEs provided by Apple to developers for Mac OS X and iOS applications. ld64 is one of the linker components. A security vulnerability exists in the ld64 component in versions of Apple Xcode prior to 9. A remote attacker can exploit this...

Apple Memory Corruption Vulnerability (CNVD-2017-32726)

Apple Xcode is a set of integrated development environments IDEs provided by Apple to developers for Mac OS X and iOS applications. ld64 is one of the linker components. A security vulnerability exists in the ld64 component in versions of Apple Xcode prior to 9. A remote attacker can exploit this...

Memory Corruption Vulnerability in Multiple Quick Heal Products

Quick Heal Internet Security, Quick Heal Total Security and Quick Heal AntiVirus Pro are antivirus programs from Quick Heal India. A memory corruption vulnerability exists in several Quick Heal products. An attacker can exploit this vulnerability to cause memory corruption with the help of...

CVE-2017-8774

Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Memory Corruption while parsing a malformed Mach-O file...

About the security content of Apple TV 7.2.1 - Apple Support

For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website. For information about...

About the security content of Apple TV 7.2.1

About the security content of Apple TV 7.2.1 This document describes the security content of Apple TV 7.2.1. For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are availabl...

Apple Xcode mach-o file handling arbitrary code execution vulnerability

Apple Xcode is an integrated development tool IDE that runs on the operating system Mac OS X. It is used for the development of the Mac OS X operating system and for the development of the Mac OS X operating system. A security vulnerability exists in Apple Xcode that fails to properly enforce the...