Lucene search
K

32 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in libbsd

The nlist.c file in libbsd before version 0.10.0 contains an out-of-bounds read during a comparison of a symbol name from the string table strtab...

9.1CVSS8AI score0.02805EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.14 views

PT-2026-48413

Ghidra before 12.0.3 contains an out-of-memory vulnerability in the rust demangle function that allocates unbounded output buffers without size limits. Attackers can craft malicious Rust symbol names in binaries to trigger exponential memory allocation, causing process crashes during binary...

6.7CVSS5.5AI score0.00151EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/04/24 1:28 a.m.8 views

SUSE CVE-2026-40517

radare2 prior to 6.1.4 contains a command injection vulnerability in the PDB parser's printgvars function that allows attackers to execute arbitrary commands by crafting a malicious PDB file with newline characters in symbol names. Attackers can inject arbitrary radare2 commands through unsanitiz...

8.4CVSS6.3AI score0.01051EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/04/22 9:44 p.m.3 views

CVE-2026-40517

radare2 prior to 6.1.4 contains a command injection vulnerability in the PDB parser's printgvars function that allows attackers to execute arbitrary commands by crafting a malicious PDB file with newline characters in symbol names. Attackers can inject arbitrary radare2 commands through unsanitiz...

8.4CVSS6.3AI score0.01051EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/04/22 9:44 p.m.5 views

CVE-2026-40517 radare2 < 6.1.4 Command Injection via PDB Parser Symbol Names

radare2 prior to 6.1.4 contains a command injection vulnerability in the PDB parser's printgvars function that allows attackers to execute arbitrary commands by crafting a malicious PDB file with newline characters in symbol names. Attackers can inject arbitrary radare2 commands through unsanitiz...

8.4CVSS6.3AI score0.01051EPSS
Exploits1References4
AlpineLinux
AlpineLinux
added 2026/04/22 9:44 p.m.3 views

CVE-2026-40517

radare2 prior to 6.1.4 contains a command injection vulnerability in the PDB parser's printgvars function that allows attackers to execute arbitrary commands by crafting a malicious PDB file with newline characters in symbol names. Attackers can inject arbitrary radare2 commands through unsanitiz...

8.4CVSS6.1AI score0.01051EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/04/22 9:44 p.m.30 views

CVE-2026-40517 radare2 < 6.1.4 Command Injection via PDB Parser Symbol Names

radare2 prior to 6.1.4 contains a command injection vulnerability in the PDB parser's printgvars function that allows attackers to execute arbitrary commands by crafting a malicious PDB file with newline characters in symbol names. Attackers can inject arbitrary radare2 commands through unsanitiz...

8.4CVSS0.01051EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2026/04/22 9:44 p.m.5 views

CVE-2026-40517

radare2 prior to 6.1.4 contains a command injection vulnerability in the PDB parser's printgvars function that allows attackers to execute arbitrary commands by crafting a malicious PDB file with newline characters in symbol names. Attackers can inject arbitrary radare2 commands through unsanitiz...

8.4CVSS6.1AI score0.01051EPSS
Exploits1
CVE
CVE
added 2026/04/22 9:44 p.m.25 views

CVE-2026-40517

CVE-2026-40517 affects radare2 before 6.1.4, where the PDB parser’s print_gvars() permits command injection via crafted PDB files. Unsanitized symbol name interpolation in the flag rename operation allows attackers to inject and execute radare2 commands when the idp command is run against the mal...

8.4CVSS6.3AI score0.01051EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2016-3512

Malware in sbrugna...

9.3CVSS7.8AI score0.00411EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2021/11/18 12:0 a.m.93 views

gcc-toolset-11-annobin security update

9.85-1.1 - Annocheck: Add test for multibyte characters in symbol names. 2017367...

8.3CVSS8.7AI score0.12205EPSS
Exploits4
Oracle linux
Oracle linux
added 2021/11/18 12:0 a.m.59 views

gcc-toolset-10-annobin security update

9.29-1.2 - Bump and rebuild for new gcc. 2017782 9.29-1.1 - Annocheck: Add test for multibyte characters in symbol names. 2009282...

8.3CVSS8.7AI score0.12205EPSS
Exploits4
RedHat Linux
RedHat Linux
added 2021/11/10 10:26 a.m.54 views

Moderate: Red Hat Security Advisory: annobin security update

An update for annobin is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

8.3CVSS7AI score0.12205EPSS
Exploits4References3
RedHat Linux
RedHat Linux
added 2021/11/10 9:48 a.m.48 views

Moderate: Red Hat Security Advisory: gcc-toolset-10-annobin security update

An update for gcc-toolset-10-annobin is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.3CVSS7AI score0.12205EPSS
Exploits4References3
RedHat Linux
RedHat Linux
added 2021/11/10 9:15 a.m.53 views

Moderate: Red Hat Security Advisory: gcc-toolset-10-annobin security update

An update for gcc-toolset-10-annobin is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.3CVSS7AI score0.12205EPSS
Exploits4References3
AlmaLinux
AlmaLinux
added 2021/11/10 8:39 a.m.51 views

Moderate: annobin security update

Annobin provides a compiler plugin to annotate and tools to examine compiled binary files. Security Fixes: Developer environment: Unicode's bidirectional BiDi override characters can cause trojan source attacks CVE-2021-42574 The following changes were introduced in annobin in order to facilitate...

8.3CVSS8.7AI score0.12205EPSS
Exploits4References1
AlmaLinux
AlmaLinux
added 2021/11/10 8:39 a.m.53 views

Moderate: gcc-toolset-10-annobin security update

Annobin provides a compiler plugin to annotate and tools to examine compiled binary files. Security Fixes: Developer environment: Unicode's bidirectional BiDi override characters can cause trojan source attacks CVE-2021-42574 The following changes were introduced in annobin in order to facilitate...

8.3CVSS8.7AI score0.12205EPSS
Exploits4References1
Rockylinux
Rockylinux
added 2021/11/10 8:39 a.m.29 views

gcc-toolset-10-annobin security update

An update is available for gcc-toolset-10-annobin. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Annobin provides a compiler plugin to annotate and tools to...

8.3CVSS1.9AI score0.12205EPSS
Exploits4
AlmaLinux
AlmaLinux
added 2021/11/10 8:38 a.m.55 views

Moderate: gcc-toolset-11-annobin security update

Annobin provides a compiler plugin to annotate and tools to examine compiled binary files. Security Fixes: Developer environment: Unicode's bidirectional BiDi override characters can cause trojan source attacks CVE-2021-42574 The following changes were introduced in annobin in order to facilitate...

8.3CVSS8.7AI score0.12205EPSS
Exploits4References1
Veracode
Veracode
added 2021/01/15 5:3 a.m.29 views

Arbitrary Code Execution

golang is vulnerable to arbitrary code execution. An attacker is able to inject and execute arbitrary code on the host OS at build time using malicious symbol names...

7.5CVSS3.1AI score0.02244EPSS
Exploits0References14Affected Software3
Rows per page
Query Builder