Lucene search
+L

673 matches found

RedhatCVE
RedhatCVE
added 2026/03/16 1:44 p.m.3 views

CVE-2026-4174

A flaw was found in Radare2. A local attacker could exploit a vulnerability in the Mach-O File Parser component, specifically within the walkexportstrie function. By manipulating this component, an attacker can cause excessive resource consumption, potentially leading to a Denial of Service DoS. ...

4.8CVSS5.6AI score0.00115EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2026/03/15 10:32 a.m.4 views

CVE-2026-4174

A vulnerability has been found in Radare2 5.9.9. This issue affects the function walkexportstrie of the file libr/bin/format/mach0/mach0.c of the component Mach-O File Parser. Such manipulation leads to resource consumption. The attack can only be performed from a local environment. The exploit h...

4.8CVSS5.2AI score0.00115EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2026/03/15 10:32 a.m.6 views

CVE-2026-4174

A vulnerability has been found in Radare2 5.9.9. This issue affects the function walkexportstrie of the file libr/bin/format/mach0/mach0.c of the component Mach-O File Parser. Such manipulation leads to resource consumption. The attack can only be performed from a local environment. The exploit h...

4.8CVSS3.9AI score0.00115EPSS
Exploits0
Cvelist
Cvelist
added 2026/03/15 10:32 a.m.49 views

CVE-2026-4174 Radare2 Mach-O File mach0.c walk_exports_trie resource consumption

A vulnerability has been found in Radare2 5.9.9. This issue affects the function walkexportstrie of the file libr/bin/format/mach0/mach0.c of the component Mach-O File Parser. Such manipulation leads to resource consumption. The attack can only be performed from a local environment. The exploit h...

4.8CVSS0.00115EPSS
Exploits0References7
OSV
OSV
added 2026/03/15 10:32 a.m.8 views

CVE-2026-4174 Radare2 Mach-O File mach0.c walk_exports_trie resource consumption

A vulnerability has been found in Radare2 5.9.9. This issue affects the function walkexportstrie of the file libr/bin/format/mach0/mach0.c of the component Mach-O File Parser. Such manipulation leads to resource consumption. The attack can only be performed from a local environment. The exploit h...

4.8CVSS5.1AI score0.00115EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2026/03/15 10:32 a.m.7 views

CVE-2026-4174 Radare2 Mach-O File mach0.c walk_exports_trie resource consumption

A vulnerability has been found in Radare2 5.9.9. This issue affects the function walkexportstrie of the file libr/bin/format/mach0/mach0.c of the component Mach-O File Parser. Such manipulation leads to resource consumption. The attack can only be performed from a local environment. The exploit h...

4.8CVSS5.2AI score0.00115EPSS
Exploits0References7
CVE
CVE
added 2026/03/15 10:32 a.m.19 views

CVE-2026-4174

Radare2 had a low-severity local DoS-like issue in the Mach-O File Parser: the function walk_exports_trie in libr/bin/format/mach0/mach0.c can cause resource consumption. Affected version: 5.9.9; fix is to upgrade to 6.1.2 (patch identified as 4371ae84c99c46b48cb21badbbef06b30757aba0). A PoC exis...

4.8CVSS5.2AI score0.00115EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/03/15 12:0 a.m.17 views

PT-2026-25548

A vulnerability has been found in Radare2 5.9.9. This issue affects the function walk exports trie of the file libr/bin/format/mach0/mach0.c of the component Mach-O File Parser. Such manipulation leads to resource consumption. The attack can only be performed from a local environment. The exploit...

4.8CVSS5.2AI score0.00115EPSS
Exploits0References10
OSV
OSV
added 2026/03/12 8:57 p.m.6 views

GO-2026-4675 Quill has unbounded memory allocation via unvalidated size fields in Mach-O binary parsing in github.com/anchore/quill

Quill has unbounded memory allocation via unvalidated size fields in Mach-O binary parsing in github.com/anchore/quill...

5.5CVSS5.8AI score0.001EPSS
Exploits0References5
NVD
NVD
added 2026/03/11 8:16 p.m.11 views

CVE-2026-31961

Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 contains an unbounded memory allocation vulnerability when parsing Mach-O binaries. Exploitation requires that Quill processes an attacker-supplied Mach-O binary, which is most likely in...

5.5CVSS0.001EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/11 7:32 p.m.5 views

CVE-2026-31961

Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 contains an unbounded memory allocation vulnerability when parsing Mach-O binaries. Exploitation requires that Quill processes an attacker-supplied Mach-O binary, which is most likely in...

5.5CVSS5.8AI score0.001EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/11 7:32 p.m.5 views

CVE-2026-31961 Unbounded memory allocation in Quill via unvalidated size fields in Mach-O binary parsing

Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 contains an unbounded memory allocation vulnerability when parsing Mach-O binaries. Exploitation requires that Quill processes an attacker-supplied Mach-O binary, which is most likely in...

5.5CVSS5.8AI score0.001EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/11 7:32 p.m.46 views

CVE-2026-31961 Unbounded memory allocation in Quill via unvalidated size fields in Mach-O binary parsing

Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 contains an unbounded memory allocation vulnerability when parsing Mach-O binaries. Exploitation requires that Quill processes an attacker-supplied Mach-O binary, which is most likely in...

5.5CVSS0.001EPSS
Exploits0References1
CVE
CVE
added 2026/03/11 7:32 p.m.24 views

CVE-2026-31961

CVE-2026-31961 Quill : The Go-based Quill tool before v0.7.1 is vulnerable to unbounded memory allocation when parsing Mach-O binaries. The code signs/notarizes macOS binaries and reads LC_CODE_SIGNATURE fields (DataSize, DataOffset, Size, SuperBlob, BlobIndex, Length) without validating these va...

5.5CVSS5.8AI score0.001EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/03/11 7:32 p.m.10 views

CVE-2026-31961 Unbounded memory allocation in Quill via unvalidated size fields in Mach-O binary parsing

Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 contains an unbounded memory allocation vulnerability when parsing Mach-O binaries. Exploitation requires that Quill processes an attacker-supplied Mach-O binary, which is most likely in...

5.5CVSS5.9AI score0.001EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/11 12:38 a.m.7 views

EUVD-2026-11329

Quill has unbounded memory allocation via unvalidated size fields in Mach-O binary parsing...

5.5CVSS5.8AI score0.001EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/03/11 12:38 a.m.8 views

Quill has unbounded memory allocation via unvalidated size fields in Mach-O binary parsing

Impact Quill before version v0.7.1 contains an unbounded memory allocation vulnerability when parsing Mach-O binaries. Exploitation requires that Quill processes an attacker-supplied Mach-O binary, which is most likely in environments such as CI/CD pipelines, shared signing services, or any...

5.5CVSS5.8AI score0.001EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/03/11 12:38 a.m.6 views

GHSA-XJ69-M9QQ-8M94 Quill has unbounded memory allocation via unvalidated size fields in Mach-O binary parsing

Impact Quill before version v0.7.1 contains an unbounded memory allocation vulnerability when parsing Mach-O binaries. Exploitation requires that Quill processes an attacker-supplied Mach-O binary, which is most likely in environments such as CI/CD pipelines, shared signing services, or any...

5.5CVSS5.9AI score0.001EPSS
Exploits0References6
OSV
OSV
added 2026/03/09 4:6 p.m.5 views

USN-8080-1 yara vulnerabilities

Kamil Frankowicz discovered that a number of YARA's functions generated memory exceptions when processing specially crafted rules or files. A remote attacker could possibly use these issues to cause YARA to crash, resulting in a denial of service. These issues only affected Ubuntu 16.04 LTS...

9.1CVSS6.4AI score0.02996EPSS
Exploits12References18
Ubuntu
Ubuntu
added 2026/03/09 4:6 p.m.11 views

USN-8080-1: YARA vulnerabilities

Kamil Frankowicz discovered that a number of YARA's functions generated memory exceptions when processing specially crafted rules or files. A remote attacker could possibly use these issues to cause YARA to crash, resulting in a denial of service. These issues only affected Ubuntu 16.04 LTS...

9.1CVSS7.2AI score0.02996EPSS
Exploits12
Rows per page
Query Builder