104 matches found
CVE-2026-13573
A vulnerability was found in llvm llvm-project up to 22.1.6. This affects the function llvm::StringMap::insert in the library /lib/IR/ValueSymbolTable.cpp of the component ValueSymbolTable Module. The manipulation results in stack-based buffer overflow. Attacking locally is a requirement. The...
UBUNTU-CVE-2026-13573
A vulnerability was found in llvm llvm-project up to 22.1.6. This affects the function llvm::StringMap::insert in the library /lib/IR/ValueSymbolTable.cpp of the component ValueSymbolTable Module. The manipulation results in stack-based buffer overflow. Attacking locally is a requirement. The...
EUVD-2026-40115
A vulnerability was found in llvm llvm-project up to 22.1.6. This affects the function llvm::StringMap::insert in the library /lib/IR/ValueSymbolTable.cpp of the component ValueSymbolTable Module. The manipulation results in stack-based buffer overflow. Attacking locally is a requirement. The...
CVE-2026-13573
CVE-2026-13573 affects the LLVM project (up to 22.1.6), specifically the ValueSymbolTable module’s file lib/IR/ValueSymbolTable.cpp and its function StringMap::insert. The issue is a stack-based buffer overflow introduced in that function, enabling a local attacker to exploit it. The exploit has ...
CVE-2026-13573 llvm llvm-project ValueSymbolTable ValueSymbolTable.cpp insert stack-based overflow
A vulnerability was found in llvm llvm-project up to 22.1.6. This affects the function llvm::StringMap::insert in the library /lib/IR/ValueSymbolTable.cpp of the component ValueSymbolTable Module. The manipulation results in stack-based buffer overflow. Attacking locally is a requirement. The...
Astra Linux – Vulnerability in binutils
A flaw was discovered in Binutils. The thebfd field of the asymbol struct is uninitialized in the bfdmachogetsyntheticsymtab function, which may lead to an application crash and local denial of service...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the ParseLibSymbols function when parsing a BSD-style .SYMDEF symbol table. An attacker can access sensitive information from uninitialized heap memory by providing a specially crafted Unix ar archive...
CVE-2026-48112 GHSL-2026-122 7-Zip Ar SYMDEF OOB Read
7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain a heap out-of-bounds read in 7-Zip Ar handler BSD SYMDEF parser. A 4-byte heap out-of-bounds read exists in the Unix ar archive parser in 7-Zip. When parsing a BSD-style .SYMDEF symbol table, the...
CVE-2026-48112
7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain a heap out-of-bounds read in 7-Zip Ar handler BSD SYMDEF parser. A 4-byte heap out-of-bounds read exists in the Unix ar archive parser in 7-Zip. When parsing a BSD-style .SYMDEF symbol table, the...
CVE-2026-21996
An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuildfilesymtab...
dtrace security update
2.0.7-4 - Prevent out-of-buonds memory access during object symbol table construction CVE-2026-35233. Orabug: 39121881 - Prevent divide-by-zero FPE trap if section header data is corrupted. CVE-2026-21996. Orabug: 39121874 - Ensure safety checks are performed on program header data from ELF...
dtrace security update
2.0.7-4 - Prevent out-of-buonds memory access during object symbol table construction CVE-2026-35233. Orabug: 39121881 - Prevent divide-by-zero FPE trap if section header data is corrupted. CVE-2026-21996. Orabug: 39121874 - Ensure safety checks are performed on program header data from ELF...
Oracle Linux 8 / 9 : dtrace (ELSA-2026-50250)
The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50250 advisory. - Prevent out-of-buonds memory access during object symbol table construction CVE-2026-35233. Orabug: 39121881 - Prevent divide-by-zero FPE trap i...
Oracle Linux 10 / 9 : dtrace (ELSA-2026-50249)
The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50249 advisory. - Prevent out-of-buonds memory access during object symbol table construction CVE-2026-35233. Orabug: 39121881 - Prevent divide-by-zero FPE trap ...
module: Fix kernel panic when a symbol st_shndx is out of bounds
...
RUSTSEC-2026-0078 Symbol confusion after hasher panic in `intaglio` interners
Affected versions of this crate can leave all SymbolTable variants in an internally inconsistent state if a custom BuildHasher panics during HashMap::insert and the caller recovers with catchunwind. The intern implementations committed a vec.push... before the matching map.insert... completed. If...
CVE-2026-2660 FascinatedBox lily lily_symtab.c shorthash_for_name use after free
A vulnerability was identified in FascinatedBox lily up to 2.3. Affected by this issue is the function shorthashforname of the file src/lilysymtab.c. The manipulation leads to use after free. Local access is required to approach this attack. The exploit is publicly available and might be used. Th...
PT-2026-20482
A vulnerability was identified in FascinatedBox lily up to 2.3. Affected by this issue is the function shorthash for name of the file src/lily symtab.c. The manipulation leads to use after free. Local access is required to approach this attack. The exploit is publicly available and might be used...
HSEC-2024-0009 Public key confusion in third-party blocks
Public key confusion in third-party blocks Third-party blocks can be generated without transferring the whole token to the third-party authority. Instead, a ThirdPartyBlock request can be sent, providing only the necessary info to generate a third-party block and to sign it: - the public key of t...
ROS-20251111-10
Vulnerability of processsymtab function of eu-readelf component of ELF Elfutils binary modification and analysis utility is related to copying buffer without checking input data size. ELF Elfutils is related to buffer copying without checking input data size. Exploitation vulnerability could allo...