EUVD-2026-33951

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI's replacement ELF parser trusts section offsets, counts, and string offsets from the executable file. A crafted local ELF can make OBI dereference invalid section...

PT-2026-41782

Name of the Vulnerable Software and Affected Versions OpenTelemetry eBPF Instrumentation versions prior to 0.9.0 Description The replacement ELF parser trusts section offsets, counts, and string offsets from executable files. A crafted local ELF file can cause the agent to dereference invalid...

Astra Linux - уязвимость в libbsd

nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table strtab...

dtrace security update

2.0.7-4 - Prevent out-of-buonds memory access during object symbol table construction CVE-2026-35233. Orabug: 39121881 - Prevent divide-by-zero FPE trap if section header data is corrupted. CVE-2026-21996. Orabug: 39121874 - Ensure safety checks are performed on program header data from ELF...

EUVD-2025-180212

Malicious code in authorize-float-signal-string-table npm...

EUVD-2020-7410

Malware in sbrugna...

EUVD-2020-3335

Malware in sbrugna...

EUVD-2017-8290

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2024-48877

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A memory corruption vulnerability exists in the Shared String Table Record Parser implementation in xls2csv utility version 0.95. A specially crafted malformed...

DEBIAN-CVE-2024-48877

A memory corruption vulnerability exists in the Shared String Table Record Parser implementation in xls2csv utility version 0.95. A specially crafted malformed file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

UBUNTU-CVE-2024-48877

A memory corruption vulnerability exists in the Shared String Table Record Parser implementation in xls2csv utility version 0.95. A specially crafted malformed file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2024-48877

A memory corruption vulnerability exists in the Shared String Table Record Parser implementation in xls2csv utility version 0.95. A specially crafted malformed file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

Catdoc 安全漏洞

Catdoc is a program that reads MS-Word files and prints them readably, by the individual developer Pete Warden in the United States. A security vulnerability exists in Catdoc version 0.95, which stems from a memory corruption in the shared string table record parser that could result in a heap...

SUSE CVE-2017-17124

The bfdcoffreadstringtable function in coffgen.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29.1, does not properly validate the size of the external string table, which allows remote attackers to cause a denial of service excessive memory consumption, ...

SUSE CVE-2018-7437

An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in a memcpy call of the parseSST function...

SUSE CVE-2019-20367

nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table strtab...

Microsoft Excel XLS File SST Record Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XLS...

CVE-2020-15634

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 routers with firmware 1.0.4.8410.0.58. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of string table file uploads...

CVE-2020-15634

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 routers with firmware 1.0.4.8410.0.58. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of string table file uploads...

Design/Logic Flaw

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 routers with firmware 1.0.4.8410.0.58. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of string table file uploads...