85 matches found
CVE-2022-36040
Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when getting data from PYCpython files. A user opening a malicious PYC file could be affected by this vulnerability, allowing an attacker to execute code ...
Out-of-bounds
Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when getting data from PYCpython files. A user opening a malicious PYC file could be affected by this vulnerability, allowing an attacker to execute code ...
CVE-2022-36040
CVE-2022-36040 affects Rizin up to version 0.4.0. It is an out-of-bounds write when getting data from PYC (Python) files, and a user opening a malicious PYC could cause code execution on the local system. The patch is recorded in commit 68948017423a12786704e54227b8b2f918c2fd27; advisories note up...
CVE-2022-36040 Rizin Out-of-bounds Write vulnerability in pyc/marshal.c
Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when getting data from PYCpython files. A user opening a malicious PYC file could be affected by this vulnerability, allowing an attacker to execute code ...
CVE-2022-36040 Rizin Out-of-bounds Write vulnerability in pyc/marshal.c
Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when getting data from PYCpython files. A user opening a malicious PYC file could be affected by this vulnerability, allowing an attacker to execute code ...
CVE-2022-36040 Rizin Out-of-bounds Write vulnerability in pyc/marshal.c
Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when getting data from PYCpython files. A user opening a malicious PYC file could be affected by this vulnerability, allowing an attacker to execute code ...
Denial Of Service (DoS)
radare2 is vulnerable to denial of service. The vulnerability exists due to a double free vulnerability in the pyc parse which allows an attacker to crash the application via malicious input...
CVE-2021-32613
In radare2 through 5.3.0 there is a double free vulnerability in the pyc parse via a crafted file which can lead to DoS...
CVE-2021-32613
In radare2 through 5.3.0 there is a double free vulnerability in the pyc parse via a crafted file which can lead to DoS...
Double free
In radare2 through 5.3.0 there is a double free vulnerability in the pyc parse via a crafted file which can lead to DoS...
CVE-2021-32613
In radare2 through 5.3.0 there is a double free vulnerability in the pyc parse via a crafted file which can lead to DoS...
UBUNTU-CVE-2021-32613
In radare2 through 5.3.0 there is a double free vulnerability in the pyc parse via a crafted file which can lead to DoS...
CVE-2021-32613
Radare2 (affected up to version 5.3.0) contains a double-free vulnerability in the pyc parser triggered by a crafted file, which can lead to a denial of service. The issue has been addressed upstream with a fix in version 5.3.1 (per security advisories and patch notes from multiple sources). If u...
CVE-2021-32613
In radare2 through 5.3.0 there is a double free vulnerability in the pyc parse via a crafted file which can lead to DoS...
CVE-2021-32613
In radare2 through 5.3.0 there is a double free vulnerability in the pyc parse via a crafted file which can lead to DoS...
CVE-2020-9306
Tesla SolarCity Solar Monitoring Gateway through 5.46.43 has a "Use of Hard-coded Credentials" issue because Digi ConnectPort X2e uses a .pyc file to store the cleartext password for the python user account...
GHSA-74XW-82V7-HMRM Improper Input Validation in python-dbusmock
python-dbusmock before version 0.15.1 AddTemplate D-Bus method call or DBusTestCase.spawnservertemplate method could be tricked into executing malicious code if an attacker supplies a .pyc file...
Design/Logic Flaw
python-dbusmock before version 0.15.1 AddTemplate D-Bus method call or DBusTestCase.spawnservertemplate method could be tricked into executing malicious code if an attacker supplies a .pyc file...
DEBIAN-CVE-2015-1326
python-dbusmock before version 0.15.1 AddTemplate D-Bus method call or DBusTestCase.spawnservertemplate method could be tricked into executing malicious code if an attacker supplies a .pyc file...
CVE-2015-1326
python-dbusmock before version 0.15.1 AddTemplate D-Bus method call or DBusTestCase.spawnservertemplate method could be tricked into executing malicious code if an attacker supplies a .pyc file...