32 matches found
Astra Linux – Vulnerability in libbsd
The nlist.c file in libbsd before version 0.10.0 contains an out-of-bounds read during a comparison of a symbol name from the string table strtab...
PT-2026-48413
Ghidra before 12.0.3 contains an out-of-memory vulnerability in the rust demangle function that allocates unbounded output buffers without size limits. Attackers can craft malicious Rust symbol names in binaries to trigger exponential memory allocation, causing process crashes during binary...
SUSE CVE-2026-40517
radare2 prior to 6.1.4 contains a command injection vulnerability in the PDB parser's printgvars function that allows attackers to execute arbitrary commands by crafting a malicious PDB file with newline characters in symbol names. Attackers can inject arbitrary radare2 commands through unsanitiz...
CVE-2026-40517
radare2 prior to 6.1.4 contains a command injection vulnerability in the PDB parser's printgvars function that allows attackers to execute arbitrary commands by crafting a malicious PDB file with newline characters in symbol names. Attackers can inject arbitrary radare2 commands through unsanitiz...
CVE-2026-40517 radare2 < 6.1.4 Command Injection via PDB Parser Symbol Names
radare2 prior to 6.1.4 contains a command injection vulnerability in the PDB parser's printgvars function that allows attackers to execute arbitrary commands by crafting a malicious PDB file with newline characters in symbol names. Attackers can inject arbitrary radare2 commands through unsanitiz...
CVE-2026-40517
radare2 prior to 6.1.4 contains a command injection vulnerability in the PDB parser's printgvars function that allows attackers to execute arbitrary commands by crafting a malicious PDB file with newline characters in symbol names. Attackers can inject arbitrary radare2 commands through unsanitiz...
CVE-2026-40517 radare2 < 6.1.4 Command Injection via PDB Parser Symbol Names
radare2 prior to 6.1.4 contains a command injection vulnerability in the PDB parser's printgvars function that allows attackers to execute arbitrary commands by crafting a malicious PDB file with newline characters in symbol names. Attackers can inject arbitrary radare2 commands through unsanitiz...
CVE-2026-40517
radare2 prior to 6.1.4 contains a command injection vulnerability in the PDB parser's printgvars function that allows attackers to execute arbitrary commands by crafting a malicious PDB file with newline characters in symbol names. Attackers can inject arbitrary radare2 commands through unsanitiz...
CVE-2026-40517
CVE-2026-40517 affects radare2 before 6.1.4, where the PDB parser’s print_gvars() permits command injection via crafted PDB files. Unsanitized symbol name interpolation in the flag rename operation allows attackers to inject and execute radare2 commands when the idp command is run against the mal...
EUVD-2016-3512
Malware in sbrugna...
gcc-toolset-11-annobin security update
9.85-1.1 - Annocheck: Add test for multibyte characters in symbol names. 2017367...
gcc-toolset-10-annobin security update
9.29-1.2 - Bump and rebuild for new gcc. 2017782 9.29-1.1 - Annocheck: Add test for multibyte characters in symbol names. 2009282...
Moderate: Red Hat Security Advisory: annobin security update
An update for annobin is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Moderate: Red Hat Security Advisory: gcc-toolset-10-annobin security update
An update for gcc-toolset-10-annobin is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Moderate: Red Hat Security Advisory: gcc-toolset-10-annobin security update
An update for gcc-toolset-10-annobin is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Moderate: annobin security update
Annobin provides a compiler plugin to annotate and tools to examine compiled binary files. Security Fixes: Developer environment: Unicode's bidirectional BiDi override characters can cause trojan source attacks CVE-2021-42574 The following changes were introduced in annobin in order to facilitate...
Moderate: gcc-toolset-10-annobin security update
Annobin provides a compiler plugin to annotate and tools to examine compiled binary files. Security Fixes: Developer environment: Unicode's bidirectional BiDi override characters can cause trojan source attacks CVE-2021-42574 The following changes were introduced in annobin in order to facilitate...
gcc-toolset-10-annobin security update
An update is available for gcc-toolset-10-annobin. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Annobin provides a compiler plugin to annotate and tools to...
Moderate: gcc-toolset-11-annobin security update
Annobin provides a compiler plugin to annotate and tools to examine compiled binary files. Security Fixes: Developer environment: Unicode's bidirectional BiDi override characters can cause trojan source attacks CVE-2021-42574 The following changes were introduced in annobin in order to facilitate...
Arbitrary Code Execution
golang is vulnerable to arbitrary code execution. An attacker is able to inject and execute arbitrary code on the host OS at build time using malicious symbol names...