30 matches found
CVE-2026-21996
An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuildfilesymtab...
dtrace security update
2.0.7-4 - Prevent out-of-buonds memory access during object symbol table construction CVE-2026-35233. Orabug: 39121881 - Prevent divide-by-zero FPE trap if section header data is corrupted. CVE-2026-21996. Orabug: 39121874 - Ensure safety checks are performed on program header data from ELF...
dtrace security update
2.0.7-4 - Prevent out-of-buonds memory access during object symbol table construction CVE-2026-35233. Orabug: 39121881 - Prevent divide-by-zero FPE trap if section header data is corrupted. CVE-2026-21996. Orabug: 39121874 - Ensure safety checks are performed on program header data from ELF...
Oracle Linux 10 / 9 : dtrace (ELSA-2026-50249)
The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50249 advisory. - Prevent out-of-buonds memory access during object symbol table construction CVE-2026-35233. Orabug: 39121881 - Prevent divide-by-zero FPE trap ...
Oracle Linux 8 / 9 : dtrace (ELSA-2026-50250)
The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50250 advisory. - Prevent out-of-buonds memory access during object symbol table construction CVE-2026-35233. Orabug: 39121881 - Prevent divide-by-zero FPE trap i...
module: Fix kernel panic when a symbol st_shndx is out of bounds
...
RUSTSEC-2026-0078 Symbol confusion after hasher panic in `intaglio` interners
Affected versions of this crate can leave all SymbolTable variants in an internally inconsistent state if a custom BuildHasher panics during HashMap::insert and the caller recovers with catchunwind. The intern implementations committed a vec.push... before the matching map.insert... completed. If...
CVE-2026-2660 FascinatedBox lily lily_symtab.c shorthash_for_name use after free
A vulnerability was identified in FascinatedBox lily up to 2.3. Affected by this issue is the function shorthashforname of the file src/lilysymtab.c. The manipulation leads to use after free. Local access is required to approach this attack. The exploit is publicly available and might be used. Th...
PT-2026-20482
A vulnerability was identified in FascinatedBox lily up to 2.3. Affected by this issue is the function shorthash for name of the file src/lily symtab.c. The manipulation leads to use after free. Local access is required to approach this attack. The exploit is publicly available and might be used...
CVE-2024-41948 biscuit-java vulnerable to public key confusion in third party block
biscuit-java is the java implementation of Biscuit, an authentication and authorization token for microservices architectures. Third-party blocks can be generated without transferring the whole token to the third-party authority. Instead, a ThirdPartyBlock request can be sent, providing only the...
biscuit-auth vulnerable to public key confusion in third party block
Third-party blocks can be generated without transferring the whole token to the third-party authority. Instead, a ThirdPartyBlock request can be sent, providing only the necessary info to generate a third-party block and to sign it: - the public key of the previous block used in the signature - t...
GHSA-P9W4-585H-G3C7 biscuit-auth vulnerable to public key confusion in third party block
Third-party blocks can be generated without transferring the whole token to the third-party authority. Instead, a ThirdPartyBlock request can be sent, providing only the necessary info to generate a third-party block and to sign it: - the public key of the previous block used in the signature - t...
biscuit-java vulnerable to public key confusion in third party block
Impact Tokens with third-party blocks containing trusted annotations generated through a third party block request. Due to implementation issues in biscuit-java, third party block support in published versions is inoperating. Nevertheless, to synchronize with other implementations, we publish thi...
Uncaught Exception
Overview std/debug/macho is a Go standard library package std/debug/macho Affected versions of this package are vulnerable to Uncaught Exception. Go Vulnerability Report: Calling File.ImportedSymbols on a loaded file which contains an invalid dynamic symbol table command can cause a panic, in...
PT-2020-6218 · Libbsd +4 · Libbsd +4
Name of the Vulnerable Software and Affected Versions: libbsd versions prior to 0.10.0 Description: The issue is related to an out-of-bounds read in the nlist.c file of the libbsd library. This occurs during a comparison for a symbol name from the string table strtab. The exploitation of this iss...
Lst2X64Dbg - Extract labels from IDA .lst or Ghidra .csv file and export x64dbg database
This script extracts all the labels found in the LST file that is given as the script's single argument. An x64dbg database is created in the current directory based on the extracted labels. The LST file can be generated in IDA from the File menu: Produce file - Create LST file... Example $ pytho...
DEBIAN-CVE-2017-14729
The getsyntheticsymtab functions in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, do not ensure a unique PLT entry for a symbol, which allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have...
GNU Binutils 'bfd_mach_o_read_symtab_strtab' function out-of-bounds heap write vulnerability
GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utilities developed by the GNU Project to work with object files in a variety of formats, with connectors, assemblers, and other tools for object files and archives.The Binary File Descriptor BFD library a.k.a...
CVE-2017-11343
Due to an incomplete fix for CVE-2012-6125, all versions of CHICKEN Scheme up to and including 4.12.0 are vulnerable to an algorithmic complexity attack. An attacker can provide crafted input which, when inserted into the symbol table, will result in On lookup time...
DEBIAN-CVE-2017-11343
Due to an incomplete fix for CVE-2012-6125, all versions of CHICKEN Scheme up to and including 4.12.0 are vulnerable to an algorithmic complexity attack. An attacker can provide crafted input which, when inserted into the symbol table, will result in On lookup time...