Binutils: binutils: arbitrary code execution via malformed xcoff object file processing

...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the read process of the OBJ file parser when handling crafted OBJ files. An attacker can cause a denial of service or obtain sensitive information by persuading a victim to open a specially crafted OBJ file that...

EUVD-2026-26600

A heap-based out-of-bounds read vulnerability in RWObjReader::read in the OBJ file parser in Open CASCADE Technology OCCT V800rc5 allows user-assisted attackers to cause a denial of service or obtain sensitive information by persuading a victim to open a crafted OBJ file. The issue occurs because...

Red Hat Enterprise Linux 安全漏洞

Red Hat Enterprise Linux is a Linux operating system for enterprise users developed by Red Hat, Inc. Red Hat Enterprise Linux 10 contains a security vulnerability. This vulnerability stems from improper handling of special XCOFF object files during linking. A local attacker can trick users into...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the processing of XCOFF object files. An attacker can execute unauthorized code or commands by convincing a user to process a specially crafted file. Remediation A fix was pushed into the master branch but...

CVE-2026-4647

A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can caus...

CVE-2026-4647 Binutils: out-of-bounds read in xcoff relocation processing in gnu binutils bfd library

A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can caus...

PT-2026-27135

A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can caus...

Linux Distros Unpatched Vulnerability : CVE-2026-4647

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the processing of XCOFF object files due to improper validation of relocation type values. An attacker can cause application crashes or access unintended memory contents by supplying a specially crafted XCOFF file ...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the initializesections function of the Object File Handler. An attacker can execute arbitrary code or cause a denial of service by providing specially crafted object files to the application during local...

EUVD-2010-4269

Malware in sbrugna...

EUVD-2022-42253

Malicious code in bioql PyPI...

firefox: thunderbird: Content-Disposition header ignored when a file is included in an embed or object tag

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: When a file download is specified via the Content-Disposition header, that directive would be ignored if the file was included via a or tag, potentially making a website vulnerab...

CVE-2023-40222

In Ashlar-Vellum Cobalt versions prior to v12 SP2 Build 1204.200, the affected application lacks proper validation of user-supplied data when parsing CO files. This could lead to a heap-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context o...

CVE-2023-52920

The CVE-2023-52920 entry concerns the Linux kernel BPF precision-tracking update. Affected component: BPF verifier’s precision/backtracking path, specifically handling spill/fill of registers to the stack (notably non-r10 registers after copying r10). Root cause/impact: per-instruction history fl...

Exploit for Heap-based Buffer Overflow in Microsoft

CVE-2024-26229 Beacon Object Files Beacon Object File BOF i...

CVE-2024-23804

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 All versions V2201.0012, Tecnomatix Plant Simulation V2302 All versions V2302.0006. The affected applications contain a stack overflow vulnerability while parsing specially crafted PSOBJ files. This could allow an attacker t...

PT-2024-1899 · Siemens · Tecnomatix Plant Simulation

Name of the Vulnerable Software and Affected Versions: Tecnomatix Plant Simulation V2201 versions prior to V2201.0012 Tecnomatix Plant Simulation V2302 versions prior to V2302.0006 Description: A stack overflow vulnerability has been identified in the affected applications while parsing specially...

[SECURITY] Fedora 38 Update: netconsd-0.4-1.fc38

This is a daemon for receiving and processing logs from the Linux Kernel, as emitted over a network by the kernel's netconsole module. It supports both the old "legacy" text-only format, and the new extended format added in v4.4. The core of the daemon does nothing but process messages and drop...