673 matches found
CVE-2026-4174
A flaw was found in Radare2. A local attacker could exploit a vulnerability in the Mach-O File Parser component, specifically within the walkexportstrie function. By manipulating this component, an attacker can cause excessive resource consumption, potentially leading to a Denial of Service DoS. ...
CVE-2026-4174
A vulnerability has been found in Radare2 5.9.9. This issue affects the function walkexportstrie of the file libr/bin/format/mach0/mach0.c of the component Mach-O File Parser. Such manipulation leads to resource consumption. The attack can only be performed from a local environment. The exploit h...
CVE-2026-4174
A vulnerability has been found in Radare2 5.9.9. This issue affects the function walkexportstrie of the file libr/bin/format/mach0/mach0.c of the component Mach-O File Parser. Such manipulation leads to resource consumption. The attack can only be performed from a local environment. The exploit h...
CVE-2026-4174 Radare2 Mach-O File mach0.c walk_exports_trie resource consumption
A vulnerability has been found in Radare2 5.9.9. This issue affects the function walkexportstrie of the file libr/bin/format/mach0/mach0.c of the component Mach-O File Parser. Such manipulation leads to resource consumption. The attack can only be performed from a local environment. The exploit h...
CVE-2026-4174 Radare2 Mach-O File mach0.c walk_exports_trie resource consumption
A vulnerability has been found in Radare2 5.9.9. This issue affects the function walkexportstrie of the file libr/bin/format/mach0/mach0.c of the component Mach-O File Parser. Such manipulation leads to resource consumption. The attack can only be performed from a local environment. The exploit h...
CVE-2026-4174 Radare2 Mach-O File mach0.c walk_exports_trie resource consumption
A vulnerability has been found in Radare2 5.9.9. This issue affects the function walkexportstrie of the file libr/bin/format/mach0/mach0.c of the component Mach-O File Parser. Such manipulation leads to resource consumption. The attack can only be performed from a local environment. The exploit h...
CVE-2026-4174
Radare2 had a low-severity local DoS-like issue in the Mach-O File Parser: the function walk_exports_trie in libr/bin/format/mach0/mach0.c can cause resource consumption. Affected version: 5.9.9; fix is to upgrade to 6.1.2 (patch identified as 4371ae84c99c46b48cb21badbbef06b30757aba0). A PoC exis...
PT-2026-25548
A vulnerability has been found in Radare2 5.9.9. This issue affects the function walk exports trie of the file libr/bin/format/mach0/mach0.c of the component Mach-O File Parser. Such manipulation leads to resource consumption. The attack can only be performed from a local environment. The exploit...
GO-2026-4675 Quill has unbounded memory allocation via unvalidated size fields in Mach-O binary parsing in github.com/anchore/quill
Quill has unbounded memory allocation via unvalidated size fields in Mach-O binary parsing in github.com/anchore/quill...
CVE-2026-31961
Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 contains an unbounded memory allocation vulnerability when parsing Mach-O binaries. Exploitation requires that Quill processes an attacker-supplied Mach-O binary, which is most likely in...
CVE-2026-31961
Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 contains an unbounded memory allocation vulnerability when parsing Mach-O binaries. Exploitation requires that Quill processes an attacker-supplied Mach-O binary, which is most likely in...
CVE-2026-31961 Unbounded memory allocation in Quill via unvalidated size fields in Mach-O binary parsing
Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 contains an unbounded memory allocation vulnerability when parsing Mach-O binaries. Exploitation requires that Quill processes an attacker-supplied Mach-O binary, which is most likely in...
CVE-2026-31961 Unbounded memory allocation in Quill via unvalidated size fields in Mach-O binary parsing
Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 contains an unbounded memory allocation vulnerability when parsing Mach-O binaries. Exploitation requires that Quill processes an attacker-supplied Mach-O binary, which is most likely in...
CVE-2026-31961
CVE-2026-31961 Quill : The Go-based Quill tool before v0.7.1 is vulnerable to unbounded memory allocation when parsing Mach-O binaries. The code signs/notarizes macOS binaries and reads LC_CODE_SIGNATURE fields (DataSize, DataOffset, Size, SuperBlob, BlobIndex, Length) without validating these va...
CVE-2026-31961 Unbounded memory allocation in Quill via unvalidated size fields in Mach-O binary parsing
Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 contains an unbounded memory allocation vulnerability when parsing Mach-O binaries. Exploitation requires that Quill processes an attacker-supplied Mach-O binary, which is most likely in...
EUVD-2026-11329
Quill has unbounded memory allocation via unvalidated size fields in Mach-O binary parsing...
Quill has unbounded memory allocation via unvalidated size fields in Mach-O binary parsing
Impact Quill before version v0.7.1 contains an unbounded memory allocation vulnerability when parsing Mach-O binaries. Exploitation requires that Quill processes an attacker-supplied Mach-O binary, which is most likely in environments such as CI/CD pipelines, shared signing services, or any...
GHSA-XJ69-M9QQ-8M94 Quill has unbounded memory allocation via unvalidated size fields in Mach-O binary parsing
Impact Quill before version v0.7.1 contains an unbounded memory allocation vulnerability when parsing Mach-O binaries. Exploitation requires that Quill processes an attacker-supplied Mach-O binary, which is most likely in environments such as CI/CD pipelines, shared signing services, or any...
USN-8080-1 yara vulnerabilities
Kamil Frankowicz discovered that a number of YARA's functions generated memory exceptions when processing specially crafted rules or files. A remote attacker could possibly use these issues to cause YARA to crash, resulting in a denial of service. These issues only affected Ubuntu 16.04 LTS...
USN-8080-1: YARA vulnerabilities
Kamil Frankowicz discovered that a number of YARA's functions generated memory exceptions when processing specially crafted rules or files. A remote attacker could possibly use these issues to cause YARA to crash, resulting in a denial of service. These issues only affected Ubuntu 16.04 LTS...