22 matches found
EUVD-2019-10919
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2016-2430
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libbacktrace/Backtrace.cpp in debuggerd in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 allows attackers to gain...
SUSE CVE-2024-53233
In the Linux kernel, the following vulnerability has been resolved: unicode: Fix utf8load error path utf8load requests the symbol "utf8datatable" and then checks if the requested UTF-8 version is supported. If it's unsupported, it tries to put the data table using symbolput. If an unsupported...
CVE-2024-53233 unicode: Fix utf8_load() error path
In the Linux kernel, the following vulnerability has been resolved: unicode: Fix utf8load error path utf8load requests the symbol "utf8datatable" and then checks if the requested UTF-8 version is supported. If it's unsupported, it tries to put the data table using symbolput. If an unsupported...
Ghidra_Kernelcache - A Ghidra Framework For iOS Kernelcache Reverse Engineering
This framework is the end product of my experience in reverse engineering iOS kernelcache,I do manually look for vulnerabilities in the kernel and have automated most of the things I really wanted to see in Ghidra to speed up the process of reversing, and this proven to be effective and saves a l...
golang: malicious symbol names can lead to code execution at build time
An input validation vulnerability was found in Go. From a generated go file from the cgo tool, it is possible to modify symbols within that object file and specify code. This flaw allows an attacker to create a repository that includes malicious pre-built object files that could execute arbitrary...
CVE-2020-28366
Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via a malicious unquoted symbol name in a linked object file...
CVE-2020-28366
Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via a malicious unquoted symbol name in a linked object file...
CVE-2020-28366
Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via a malicious unquoted symbol name in a linked object file...
ALPINE-CVE-2019-20367
nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table strtab...
DEBIAN-CVE-2019-20367
nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table strtab...
CVE-2019-20367
nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table strtab...
UBUNTU-CVE-2019-20367
nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table strtab...
Out-of-bounds
nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table strtab...
CVE-2019-20367
nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table strtab...
CVE-2019-20367
nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table strtab...
CVE-2016-2430
libbacktrace/Backtrace.cpp in debuggerd in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 allows attackers to gain privileges via an application containing a crafted symbol name, aka internal bug 27299236...
CVE-2016-2430
libbacktrace/Backtrace.cpp in debuggerd in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 allows attackers to gain privileges via an application containing a crafted symbol name, aka internal bug 27299236...
UBUNTU-CVE-2016-2430
libbacktrace/Backtrace.cpp in debuggerd in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 allows attackers to gain privileges via an application containing a crafted symbol name, aka internal bug 27299236...
Design/Logic Flaw
libbacktrace/Backtrace.cpp in debuggerd in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 allows attackers to gain privileges via an application containing a crafted symbol name, aka internal bug 27299236...