Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the ParseLibSymbols function when parsing a BSD-style .SYMDEF symbol table. An attacker can access sensitive information from uninitialized heap memory by providing a specially crafted Unix ar archive...

CVE-2026-48112 GHSL-2026-122 7-Zip Ar SYMDEF OOB Read

7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain a heap out-of-bounds read in 7-Zip Ar handler BSD SYMDEF parser. A 4-byte heap out-of-bounds read exists in the Unix ar archive parser in 7-Zip. When parsing a BSD-style .SYMDEF symbol table, the...

Astra Linux - уязвимость в binutils

A flaw was discovered in Binutils. The thebfd field of the asymbol struct is uninitialized in the bfdmachogetsyntheticsymtab function, which may lead to an application crash and local denial of service...

CVE-2026-21996

An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuildfilesymtab...

dtrace security update

2.0.7-4 - Prevent out-of-buonds memory access during object symbol table construction CVE-2026-35233. Orabug: 39121881 - Prevent divide-by-zero FPE trap if section header data is corrupted. CVE-2026-21996. Orabug: 39121874 - Ensure safety checks are performed on program header data from ELF...

Oracle Linux 10 / 9 : dtrace (ELSA-2026-50249)

The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50249 advisory. - Prevent out-of-buonds memory access during object symbol table construction CVE-2026-35233. Orabug: 39121881 - Prevent divide-by-zero FPE trap ...

dtrace security update

2.0.7-4 - Prevent out-of-buonds memory access during object symbol table construction CVE-2026-35233. Orabug: 39121881 - Prevent divide-by-zero FPE trap if section header data is corrupted. CVE-2026-21996. Orabug: 39121874 - Ensure safety checks are performed on program header data from ELF...

Oracle Linux 8 / 9 : dtrace (ELSA-2026-50250)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50250 advisory. - Prevent out-of-buonds memory access during object symbol table construction CVE-2026-35233. Orabug: 39121881 - Prevent divide-by-zero FPE trap i...

module: Fix kernel panic when a symbol st_shndx is out of bounds

...

RUSTSEC-2026-0078 Symbol confusion after hasher panic in `intaglio` interners

Affected versions of this crate can leave all SymbolTable variants in an internally inconsistent state if a custom BuildHasher panics during HashMap::insert and the caller recovers with catchunwind. The intern implementations committed a vec.push... before the matching map.insert... completed. If...

CVE-2026-2660 FascinatedBox lily lily_symtab.c shorthash_for_name use after free

A vulnerability was identified in FascinatedBox lily up to 2.3. Affected by this issue is the function shorthashforname of the file src/lilysymtab.c. The manipulation leads to use after free. Local access is required to approach this attack. The exploit is publicly available and might be used. Th...

PT-2026-20482

A vulnerability was identified in FascinatedBox lily up to 2.3. Affected by this issue is the function shorthash for name of the file src/lily symtab.c. The manipulation leads to use after free. Local access is required to approach this attack. The exploit is publicly available and might be used...

HSEC-2024-0009 Public key confusion in third-party blocks

Public key confusion in third-party blocks Third-party blocks can be generated without transferring the whole token to the third-party authority. Instead, a ThirdPartyBlock request can be sent, providing only the necessary info to generate a third-party block and to sign it: - the public key of t...

ROS-20251111-10

Vulnerability of processsymtab function of eu-readelf component of ELF Elfutils binary modification and analysis utility is related to copying buffer without checking input data size. ELF Elfutils is related to buffer copying without checking input data size. Exploitation vulnerability could allo...

EUVD-2016-10194

Malware in sbrugna...

EUVD-2020-8551

Malware in sbrugna...

EUVD-2017-2972

Malware in sbrugna...

NVIDIA nvdisasm symbol table parsing improper array index validation vulnerability

Talos Vulnerability Report TALOS-2025-2169 NVIDIA nvdisasm symbol table parsing improper array index validation vulnerability September 24, 2025 CVE Number CVE-2025-23338 SUMMARY An improper array index validation vulnerability exists in the symbol table parsing functionality of NVIDIA nvdisasm...

GNU elfutils eu-read readelf.c handle_dynamic_symtab null pointer dereference

...

Linux Distros Unpatched Vulnerability : CVE-2025-1365

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability, which was classified as critical, was found in GNU elfutils 0.192. This affects the function processsymtab of the file readelf.c of the compone...