Kam1n0 - Assembly Analysis Platform

Kam1n0 v2.x is a scalable assembly management and analysis platform. It allows a user to first index a large collection of binaries into different repositories and provide different analytic services such as clone search and classification. It supports multi-tenancy access and management of...

[SECURITY] Fedora 37 Update: rizin-0.4.1-1.fc37

Rizin is a free and open-source Reverse Engineering framework, providing a complete binary analysis experience with features like Disassembler, Hexadecimal editor, Emulation, Binary inspection, Debugger, and more. Rizin is a fork of radare2 with a focus on usability, working features and co de...

Fedora: Security Advisory for rizin (FEDORA-2022-0c34c7d5e1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

FISSURE - Frequency Independent SDR-based Signal Understanding and Reverse Engineering

Frequency Independent SDR-based Signal Understanding and Reverse Engineering FISSURE is an open-source RF and reverse engineering framework designed for all skill levels with hooks for signal detection and classification, protocol discovery, attack execution, IQ manipulation, vulnerability...

CVE-2022-38453

Multiple binary application files on the CMS8000 device are compiled with 'not stripped' and 'debuginfo' compilation settings. These compiler settings greatly decrease the level of effort for a threat actor to reverse engineer sensitive code and identify additional vulnerabilities...

Code injection

Multiple binary application files on the CMS8000 device are compiled with 'not stripped' and 'debuginfo' compilation settings. These compiler settings greatly decrease the level of effort for a threat actor to reverse engineer sensitive code and identify additional vulnerabilities...

CVE-2022-38453 Contec Health CMS8000

Multiple binary application files on the CMS8000 device are compiled with 'not stripped' and 'debuginfo' compilation settings. These compiler settings greatly decrease the level of effort for a threat actor to reverse engineer sensitive code and identify additional vulnerabilities...

CVE-2022-38453

The CVE-2022-38453 issue affects the CMS8000 device, where multiple binary application files are compiled with 'not stripped' and 'debug_info' settings. This weakens reverse-engineering resistance and could enable an attacker to identify additional vulnerabilities in the affected software stack. ...

PT-2022-24412 · Cms8000 · Cms8000

Name of the Vulnerable Software and Affected Versions: CMS8000 device affected versions not specified Description: The issue concerns the compilation settings of multiple binary application files on the CMS8000 device. These files are compiled with 'not stripped' and 'debug info' settings, which...

CVE-2022-36043

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to a double free in bobj.c:rzbinrelocstoragefree when freeing relocations generated from qnx binary plugin. A user opening a malicious qnx binary could be affected by this...

Out-of-bounds

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when getting data from Luac files. A user opening a malicious Luac file could be affected by this vulnerability, allowing an attacker to execute code on t...

Out-of-bounds

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when getting data from PYCpython files. A user opening a malicious PYC file could be affected by this vulnerability, allowing an attacker to execute code ...

Out-of-bounds

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when parsing Mach-O files. A user opening a malicious Mach-O file could be affected by this vulnerability, allowing an attacker to execute code on the...

CVE-2022-36039

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to out-of-bounds write when parsing DEX files. A user opening a malicious DEX file could be affected by this vulnerability, allowing an attacker to execute code on the user's...

Out-of-bounds

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when getting data from dyld cache files. A user opening a malicious dyld cache file could be affected by this vulnerability, allowing an attacker to execu...

CVE-2022-36039 Out-of-bounds write when parsing DEX files in Rizin

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to out-of-bounds write when parsing DEX files. A user opening a malicious DEX file could be affected by this vulnerability, allowing an attacker to execute code on the user's...

CVE-2022-36043

Rizin v0.4.0 and earlier are affected by a double-free in bobj.c:rz_bin_reloc_storage_free() when freeing relocations generated by the qnx binary plugin. A user opening a malicious qnx binary could achieve code execution. A patch addressing this issue is in commit a3d50c1ea185f3f642f2d8180715f82d...

CVE-2022-36044

CVE-2022-36044 affects Rizin 0.4.0 and earlier, due to an out-of-bounds write when processing Luac files. A malicious Luac file could allow code execution. Fixes are committed (07b43bc8... and 05bbd147...) and upstream/public advisories reference these patches. Connected sources note related fixe...

CVE-2022-36040

CVE-2022-36040 affects Rizin up to version 0.4.0. It is an out-of-bounds write when getting data from PYC (Python) files, and a user opening a malicious PYC could cause code execution on the local system. The patch is recorded in commit 68948017423a12786704e54227b8b2f918c2fd27; advisories note up...

CVE-2022-36041

CVE-2022-36041 affects Rizin, a UNIX-like reverse engineering framework. The vulnerability is an out-of-bounds write when parsing Mach-O files in versions 0.4.0 and prior. A user opening a malicious Mach-O could allow code execution on the attacker’s machine. A patch is available in commit 7323e6...