DEBIAN-CVE-2025-2849

A vulnerability, which was classified as problematic, was found in UPX up to 5.0.0. Affected is the function PackLinuxElf64::unDTINIT of the file src/plxelf.cpp. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been...

DEBIAN-CVE-2021-30501

An assertion abort was found in upx MemBuffer::alloc in mem.cpp, in version UPX 4.0.0. The flow allows attackers to cause a denial of service abort via a crafted file...

Fedora 缓冲区错误漏洞

UPX is an open source executable file packaging program that supports a variety of file formats from different operating systems. A denial of service vulnerability exists in canPack in plxelf.cpp in UPX version 3.96. An attacker can exploit this vulnerability to cause the application to crash via...

UBUNTU-CVE-2019-20805

plxelf.cpp in UPX before 3.96 has an integer overflow during unpacking via crafted values in a PTDYNAMIC segment...

PT-2019-16068 · Upx Team +3 · Upx +2

Name of the Vulnerable Software and Affected Versions: UPX version 3.95 ALT Linux affected versions not specified Description: An issue was found in the canUnpack function in p mach.cpp, which can be triggered by a crafted Mach-O file, leading to an invalid memory address dereference...

DEBIAN-CVE-2017-16869

pmach.cpp in UPX 3.94 allows remote attackers to cause a denial of service invalid memory access and application crash or possibly have unspecified other impact via a crafted Mach-O file, related to canPack and unpack functions. NOTE: the vendor has stated "there is no security implication...