CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66287 Crash type: UNKNOWN READ Crash state: PackLinuxElf32::adjABS PackLinuxElf32::unasldynsym PackLinuxElf32::unshlib1...

7.2AI score

Exploits0References1

Positive Technologies•added 2024/02/11 12:0 a.m.•2 views

PT-2024-40889 · Git +1 · Upx

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of UNKNOWN READ, with a crash state involving functions such as PackLinuxElf32::adjABS, PackLinuxElf32::un asl dynsy...

6.9AI score

Exploits0References2

Veracode•added 2024/01/14 3:48 p.m.•17 views

Heap Buffer Overflow

UPX is vulnerable to a heap-based buffer overflow. The vulnerability is due to the variable 'bucket' pointing to an inaccessible address in the function PackLinuxElf32::invertptdynamic at plxelf.cpp which can be exploited by attackers to execute arbitrary code or cause a denial of service...

7.5CVSS8.2AI score0.00348EPSS

Exploits1References2Affected Software1

SUSE CVE•added 2023/03/28 1:52 a.m.•1 views

SUSE CVE-2021-43314

A heap-based buffer overflows was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func getle32. The problem is essentially caused in PackLinuxElf32::elflookup at plxelf.cpp:5368...

7.5CVSS7.2AI score0.00348EPSS

Exploits1References4

SUSE CVE•added 2023/03/28 1:52 a.m.•1 views

SUSE CVE-2021-43315

7.5CVSS7.2AI score0.00348EPSS

Exploits1References4

Snyk•added 2023/03/26 12:55 p.m.•1 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow due to the variable bucket pointing to an inaccessible address. The issue is being triggered in the function PackLinuxElf32::invertptdynamic at plxelf.cpp:1688. Remediation Upgrade upx to version 4.2.1 or...

7.5CVSS7AI score0.00348EPSS

Exploits1References2

NVD•added 2023/03/24 8:15 p.m.•17 views

CVE-2021-43315

7.5CVSS7.5AI score0.00348EPSS

Exploits1References1

OSV•added 2023/03/24 8:15 p.m.•2 views

DEBIAN-CVE-2021-43315

7.5CVSS7.6AI score0.00348EPSS

Exploits1References1

OSV•added 2023/03/24 8:15 p.m.•24 views

CVE-2021-43313

A heap-based buffer overflow was discovered in upx, during the variable 'bucket' points to an inaccessible address. The issue is being triggered in the function PackLinuxElf32::invertptdynamic at plxelf.cpp:1688...

7.5CVSS7.8AI score

Exploits0References1

OSV•added 2023/03/24 8:15 p.m.•14 views

CVE-2021-43315

7.5CVSS7.8AI score

Exploits0References1

NVD•added 2023/03/24 8:15 p.m.•16 views

CVE-2021-43313

7.5CVSS7.6AI score0.00348EPSS

Exploits1References1

OSV•added 2023/03/24 8:15 p.m.•14 views

CVE-2021-43314

7.5CVSS7.8AI score

Exploits0References1

OSV•added 2023/03/24 8:15 p.m.•14 views

CVE-2021-43311

A heap-based buffer overflow was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func getle32. The problem is essentially caused in PackLinuxElf32::elflookup at plxelf.cpp:5382...

7.5CVSS7.9AI score

Exploits0References1

OSV•added 2023/03/24 8:15 p.m.•1 views

DEBIAN-CVE-2021-43311

7.5CVSS7.7AI score0.00348EPSS

Exploits1References1

OSV•added 2023/03/24 8:15 p.m.•1 views

DEBIAN-CVE-2021-43314

7.5CVSS7.6AI score0.00348EPSS

Exploits1References1