41 matches found
CVE-2026-49496
Ghidra before 12.1 contains a heap-use-after-free vulnerability in SleighBuilder::generatePointerAdd caused by iterator invalidation when PcodeCacher::allocateInstruction reallocates the issued vector. Attackers can trigger memory corruption by decompiling malicious binaries through the public...
CVE-2024-58350
Ghidra before 11.2 contains a use after free vulnerability in the Sleigh backend caused by undefined static initialization order of the SleighArchitecture::translators and XmlArchitectureCapability singletons. Attackers can trigger an infinite loop or denial of service during shutdown by exploiti...
EUVD-2026-36005
Ghidra before 12.1 contains a heap-use-after-free vulnerability in SleighBuilder::generatePointerAdd caused by iterator invalidation when PcodeCacher::allocateInstruction reallocates the issued vector. Attackers can trigger memory corruption by decompiling malicious binaries through the public...
CVE-2026-49496 Ghidra < 12.1 - Heap-Use-After-Free in SleighBuilder::generatePointerAdd via Vector Reallocation
Ghidra before 12.1 contains a heap-use-after-free vulnerability in SleighBuilder::generatePointerAdd caused by iterator invalidation when PcodeCacher::allocateInstruction reallocates the issued vector. Attackers can trigger memory corruption by decompiling malicious binaries through the public...
CVE-2024-58350 Ghidra < 11.2 - Use After Free in Sleigh Backend via Static Initialization Order
Ghidra before 11.2 contains a use after free vulnerability in the Sleigh backend caused by undefined static initialization order of the SleighArchitecture::translators and XmlArchitectureCapability singletons. Attackers can trigger an infinite loop or denial of service during shutdown by exploiti...
EUVD-2024-55616
Ghidra before 11.2 contains a use after free vulnerability in the Sleigh backend caused by undefined static initialization order of the SleighArchitecture::translators and XmlArchitectureCapability singletons. Attackers can trigger an infinite loop or denial of service during shutdown by exploiti...
CVE-2024-58350
Ghidra prior to 11.2 contains a use-after-free in the Sleigh backend caused by undefined static initialization order of SleighArchitecture::translators and XmlArchitectureCapability singletons. This can enable an attacker to trigger an infinite loop or denial of service during shutdown due to uns...
CVE-2024-58350 Ghidra < 11.2 - Use After Free in Sleigh Backend via Static Initialization Order
Ghidra before 11.2 contains a use after free vulnerability in the Sleigh backend caused by undefined static initialization order of the SleighArchitecture::translators and XmlArchitectureCapability singletons. Attackers can trigger an infinite loop or denial of service during shutdown by exploiti...
PT-2026-48402
Ghidra before 11.2 contains a use after free vulnerability in the Sleigh backend caused by undefined static initialization order of the SleighArchitecture::translators and XmlArchitectureCapability singletons. Attackers can trigger an infinite loop or denial of service during shutdown by exploiti...
PT-2026-48407
Ghidra before 12.1 contains a heap-use-after-free vulnerability in SleighBuilder::generatePointerAdd caused by iterator invalidation when PcodeCacher::allocateInstruction reallocates the issued vector. Attackers can trigger memory corruption by decompiling malicious binaries through the public...
Malicious Package
Overview elf-stats-aurora-sleigh-694 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
Malicious code in elf-stats-nutmeg-sleigh-350 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4e43446814eeb05f58979f02ff96534374a9f069055bcc5f5f97425254b0817 The package elf-stats-nutmeg-sleigh-350 was found to contain malicious code. Source: ghsa-malware...
Malicious code in elf-stats-cheery-sleigh-538 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9733e102f5e123d456a593acf8acff3eebe9875306e5ee21df8992acd3bd373 The package elf-stats-cheery-sleigh-538 was found to contain malicious code...
MAL-2025-192499 Malicious code in elf-stats-festive-sleigh-368 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2f1f4d8617d9417b57ac5d906d1d72bec6c8f342444d3aefcc2681d4f56ebcbe The package elf-stats-festive-sleigh-368 was found to contain malicious code...
EUVD-2025-202823
Malicious code in elf-stats-cheery-sleigh-538 npm...
EUVD-2025-202839
Malicious code in elf-stats-aurora-sleigh-694 npm...
Malicious code in elf-stats-tinsel-sleigh-669 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea0f6663d5e999d515c8873ef2ea13aeeac00025c4aceaa81a2b5178991461be The package elf-stats-tinsel-sleigh-669 was found to contain malicious code...
EUVD-2025-202810
Malicious code in elf-stats-festive-sleigh-368 npm...
MAL-2025-192470 Malicious code in elf-stats-aurora-sleigh-694 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34711b753b62675e9bbb1491241713eeb1b612d1f1fab7a769a70c1105afc8f9 The package elf-stats-aurora-sleigh-694 was found to contain malicious code. Source: ghsa-malware...
Malicious code in elf-stats-festive-sleigh-368 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2f1f4d8617d9417b57ac5d906d1d72bec6c8f342444d3aefcc2681d4f56ebcbe The package elf-stats-festive-sleigh-368 was found to contain malicious code...