Binutils: binutils: arbitrary code execution via malformed xcoff object file processing

...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the read process of the OBJ file parser when handling crafted OBJ files. An attacker can cause a denial of service or obtain sensitive information by persuading a victim to open a specially crafted OBJ file that...

EUVD-2026-26600

A heap-based out-of-bounds read vulnerability in RWObjReader::read in the OBJ file parser in Open CASCADE Technology OCCT V800rc5 allows user-assisted attackers to cause a denial of service or obtain sensitive information by persuading a victim to open a crafted OBJ file. The issue occurs because...

Red Hat Enterprise Linux 安全漏洞

Red Hat Enterprise Linux is a Linux operating system for enterprise users developed by Red Hat, Inc. Red Hat Enterprise Linux 10 contains a security vulnerability. This vulnerability stems from improper handling of special XCOFF object files during linking. A local attacker can trick users into...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the processing of XCOFF object files. An attacker can execute unauthorized code or commands by convincing a user to process a specially crafted file. Remediation A fix was pushed into the master branch but...

CVE-2026-4647

A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can caus...

CVE-2026-4647 Binutils: out-of-bounds read in xcoff relocation processing in gnu binutils bfd library

A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can caus...

PT-2026-27135

A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can caus...

Linux Distros Unpatched Vulnerability : CVE-2026-4647

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the processing of XCOFF object files due to improper validation of relocation type values. An attacker can cause application crashes or access unintended memory contents by supplying a specially crafted XCOFF file ...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the initializesections function of the Object File Handler. An attacker can execute arbitrary code or cause a denial of service by providing specially crafted object files to the application during local...

EUVD-2010-4269

Malware in sbrugna...

EUVD-2022-42253

Malicious code in bioql PyPI...

firefox: thunderbird: Content-Disposition header ignored when a file is included in an embed or object tag

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: When a file download is specified via the Content-Disposition header, that directive would be ignored if the file was included via a or tag, potentially making a website vulnerab...

CVE-2023-40222

In Ashlar-Vellum Cobalt versions prior to v12 SP2 Build 1204.200, the affected application lacks proper validation of user-supplied data when parsing CO files. This could lead to a heap-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context o...

CVE-2023-52920

The CVE-2023-52920 entry concerns the Linux kernel BPF precision-tracking update. Affected component: BPF verifier’s precision/backtracking path, specifically handling spill/fill of registers to the stack (notably non-r10 registers after copying r10). Root cause/impact: per-instruction history fl...

Exploit for Heap-based Buffer Overflow in Microsoft

CVE-2024-26229 Beacon Object Files Beacon Object File BOF i...

The vulnerability of the software environment of Siemens Tecnomatix Plant Simulation, related to reading data beyond the buffer in memory, allows a perpetrator to execute arbitrary code.

The vulnerability of the software environment of Siemens Tecnomatix Plant Simulation relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code by loading specially crafted PSOBJ files...

CVE-2024-23804

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 All versions V2201.0012, Tecnomatix Plant Simulation V2302 All versions V2302.0006. The affected applications contain a stack overflow vulnerability while parsing specially crafted PSOBJ files. This could allow an attacker t...

PT-2024-1899 · Siemens · Tecnomatix Plant Simulation

Name of the Vulnerable Software and Affected Versions: Tecnomatix Plant Simulation V2201 versions prior to V2201.0012 Tecnomatix Plant Simulation V2302 versions prior to V2302.0006 Description: A stack overflow vulnerability has been identified in the affected applications while parsing specially...