3230 matches found
PT-2025-40135
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The libbpf component in the Linux kernel contains an issue where it directly uses the e shnum field in the ELF header as the section header count. This can lead to a heap-buffer overflow...
kernel: net/sched: sch_qfq: Fix race condition on qfq_aggregate
In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix race condition on qfqaggregate A race condition can occur when 'agg' is modified in qfqchangeagg called during qfqenqueue while other threads access it concurrently. For example, qfqdumpclass may trigger a...
SUSE CVE-2025-11081
A vulnerability was detected in GNU Binutils 2.45. This issue affects the function dumpdwarfsection of the file binutils/objdump.c. Performing manipulation results in out-of-bounds read. The attack is only possible with local access. The exploit is now public and may be used. The patch is named...
CVE-2025-11081
A vulnerability was detected in GNU Binutils 2.45. This issue affects the function dumpdwarfsection of the file binutils/objdump.c. Performing manipulation results in out-of-bounds read. The attack is only possible with local access. The exploit is now public and may be used. The patch is named...
GNU Binutils elf_swap_shdr function buffer overflow vulnerability
GNU Binutils is a set of binary tools developed by the GNU Project to handle the management, analysis and debugging of executables, target files and other binary files. A heap buffer overflow vulnerability exists in GNU Binutils, which stems from the elfswapshdr function in the bfd/elfcode.h...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the dumpdwarfsection function. An attacker can cause a denial of service by providing specially crafted input that triggers an out-of-bounds read during processing. Remediation A fix was pushed into the master...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the dumpdwarfsection function. An attacker can cause a denial of service by providing specially crafted input that triggers an out-of-bounds read during processing. Remediation A fix was pushed into the master...
CVE-2025-11081
A vulnerability was detected in GNU Binutils 2.45. This issue affects the function dumpdwarfsection of the file binutils/objdump.c. Performing manipulation results in out-of-bounds read. The attack is only possible with local access. The exploit is now public and may be used. The patch is named...
CVE-2025-11081
A vulnerability was detected in GNU Binutils 2.45. This issue affects the function dumpdwarfsection of the file binutils/objdump.c. Performing manipulation results in out-of-bounds read. The attack is only possible with local access. The exploit is now public and may be used. The patch is named...
DEBIAN-CVE-2025-11081
A vulnerability was detected in GNU Binutils 2.45. This issue affects the function dumpdwarfsection of the file binutils/objdump.c. Performing manipulation results in out-of-bounds read. The attack is only possible with local access. The exploit is now public and may be used. The patch is named...
UBUNTU-CVE-2025-11081
A vulnerability was detected in GNU Binutils 2.45. This issue affects the function dumpdwarfsection of the file binutils/objdump.c. Performing manipulation results in out-of-bounds read. The attack is only possible with local access. The exploit is now public and may be used. The patch is named...
CVE-2025-11081
CVE-2025-11081 pertains to GNU Binutils 2.45, specifically the dump_dwarf_section function in binutils/objdump.c. The issue allows a local attacker to trigger an out-of-bounds read, with exploit details publicly available. A patch is available (hash f87a66db645caf8cc0e6fc87b0c28c78a38af59b) and u...
CVE-2025-11081 GNU Binutils objdump.c dump_dwarf_section out-of-bounds
A vulnerability was detected in GNU Binutils 2.45. This issue affects the function dumpdwarfsection of the file binutils/objdump.c. Performing manipulation results in out-of-bounds read. The attack is only possible with local access. The exploit is now public and may be used. The patch is named...
CVE-2025-11081 GNU Binutils objdump.c dump_dwarf_section out-of-bounds
A vulnerability was detected in GNU Binutils 2.45. This issue affects the function dumpdwarfsection of the file binutils/objdump.c. Performing manipulation results in out-of-bounds read. The attack is only possible with local access. The exploit is now public and may be used. The patch is named...
CVE-2025-11081
A vulnerability was detected in GNU Binutils 2.45. This issue affects the function dumpdwarfsection of the file binutils/objdump.c. Performing manipulation results in out-of-bounds read. The attack is only possible with local access. The exploit is now public and may be used. The patch is named...
GNU Binutils 缓冲区错误漏洞
GNU Binutils GNU Binary Utilities is a set of programming language utility programs developed by the American GNU community. The programs are primarily used to work with target files in a variety of formats, and provide connectors, assemblers, and other tools for target files and archives. A buff...
Malicious code in acqui-hero-section (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-47608 Malicious code in acqui-hero-section (npm)
--- -= Per source details. Do not edit below this line.=-...
NVIDIA nvdisasm RELA section parsing out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2025-2172 NVIDIA nvdisasm RELA section parsing out-of-bounds write vulnerability September 24, 2025 CVE Number CVE-2025-23340 SUMMARY An out-of-bounds write vulnerability exists in the RELA section parsing functionality of NVIDIA nvdisasm 12.8.90. A specially...
Http4s 安全漏洞
Http4s is an open source streaming HTTP server for Scala from Http4s Open Source. A security vulnerability exists in Http4s versions 1.0.0-M1 through 1.0.0-M45 and prior to 0.23.31, which stems from mishandling of the HTTP trailer section and could lead to an HTTP request entrapment technique...