Automatically Attacking Software Reverse Engineering AI Agents

Software tools for reverse engineering executable binary files, such as Ghidra, enable malware analysts to safely conduct robust static analysis without having access to original source code. Coupled with the analytic power of large language models LLM, agentic systems enabled with tools, such as...

CVE-2026-42501

CVE-2026-42501 affects the Go toolchain download path via untrusted module proxies (GOMODPROXY) or checksum databases (GOSUMDB). The flaw allows a malicious module proxy to bypass checksum database validation when the Go toolchain is downloaded/selected (via GOTOOLCHAIN, go.work, or go.mod toolch...

GO-2026-4984 Malicious module proxy can bypass checksum database in cmd/go

A malicious module proxy can exploit a flaw in the go command's validation of module checksums to bypass checksum database validation. This vulnerability affects any user using an untrusted module proxy GOMODPROXY or checksum database GOSUMDB. A malicious module proxy can serve altered versions o...

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from a flaw in the verification module’s checksum. Malicious modules can bypass the...

PT-2026-38570

Name of the Vulnerable Software and Affected Versions Go affected versions not specified Description A flaw in the go command's validation of module checksums allows a malicious module proxy to bypass checksum database validation. This occurs when the checksum database returns a successful respon...

EUVD-2019-18114

Malware in sbrugna...

EUVD-2019-18113

Malware in sbrugna...

CVE-2019-8722

Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege...

CVE-2019-8721

Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege...

Linux Distros Unpatched Vulnerability : CVE-2023-4039

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DISPUTEDA failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in...

EulerOS Virtualization 2.11.1 : gcc (EulerOS-SA-2024-1412)

According to the versions of the gcc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - DISPUTEDA failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an...

Huawei EulerOS: Security Advisory for gcc (EulerOS-SA-2024-1103)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gcc13 (SUSE-SU-2023:4162-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4162-1 advisory. - A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attack...

CVE-2023-4039

DISPUTEDA failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in your application without this being detected. This stack-protector failure only applies to C99-style...

CVE-2023-4039

CVE-2023-4039 describes a GCC stack-protector issue on AArch64: failure of -fstack-protector to detect buffer overflows in C99-style dynamically-sized locals/alloca, unlike static locals. The default overflow handling would terminate the process, but an attacker might influence control flow if an...

CVE-2023-4039

DISPUTEDA failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in your application without this being detected. This stack-protector failure only applies to C99-style...

CVE-2023-4039

DISPUTEDA failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in your application without this being detected. This stack-protector failure only applies to C99-style...

RUSTSEC-2022-0076 Bug in Wasmtime implementation of pooling instance allocator

Bug in Wasmtime's implementation of its pooling instance allocator when the allocator is configured to give WebAssembly instances a maximum of zero pages of memory. In this configuration, the virtual memory mapping for WebAssembly memories did not meet the compiler-required configuration...

CVE-2019-8724

Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege...

CVE-2019-8722

Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege...