14 matches found
CVE-2026-31961
Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 contains an unbounded memory allocation vulnerability when parsing Mach-O binaries. Exploitation requires that Quill processes an attacker-supplied Mach-O binary, which is most likely in...
Quill has unbounded memory allocation via unvalidated size fields in Mach-O binary parsing
Impact Quill before version v0.7.1 contains an unbounded memory allocation vulnerability when parsing Mach-O binaries. Exploitation requires that Quill processes an attacker-supplied Mach-O binary, which is most likely in environments such as CI/CD pipelines, shared signing services, or any...
GHSA-XJ69-M9QQ-8M94 Quill has unbounded memory allocation via unvalidated size fields in Mach-O binary parsing
Impact Quill before version v0.7.1 contains an unbounded memory allocation vulnerability when parsing Mach-O binaries. Exploitation requires that Quill processes an attacker-supplied Mach-O binary, which is most likely in environments such as CI/CD pipelines, shared signing services, or any...
PT-2026-24692
Name of the Vulnerable Software and Affected Versions Quill versions prior to 0.7.1 Description Quill, a tool for Mac binary signing and notarization, has an issue where it can allocate an excessive amount of memory when processing Mach-O binaries. This occurs because the software doesn't properl...
CVE-2025-69647
A flaw was found in binutils. Processing a specially crafted ELF binary file containing malformed DWARF loclists data with the readelf program can trigger an infinite loop and result in a denial of service. Mitigation To mitigate this vulnerability, do not process untrusted, unverified or...
CVE-2025-69650
A flaw was found in binutils. Processing a specially crafted ELF binary file containing malformed relocation data with the readelf program can trigger a double free, causing a crash and resulting in a denial of service. Mitigation To mitigate this vulnerability, do not process untrusted, unverifi...
EUVD-2024-0062
Malicious code in bioql PyPI...
PT-2024-29909 · Homebrew · Homebrew
Name of the Vulnerable Software and Affected Versions: Homebrew versions prior to 4.2.20 Description: The issue allows attackers to achieve code execution via an ELF file with a custom .interp section. This occurs during an un-sandboxed binary relocation phase, before a user would expect executio...
Git for Windows 代码问题漏洞
Git for Windows is the Git groups' Git for Windows. A code issue vulnerability exists in versions prior to Git for Windows v2.37.1, which stems from the possibility that the installer can be tricked into executing untrusted binaries...
openSUSE Security Update : libunwind (openSUSE-2019-61)
This update for libunwind fixes one minor security issue and one bug. The following security issue was fixed : - CVE-2015-3239: off-by-one error that could be triggered when reading untrusted binaries boo936786 The following packaging bug was fixed : - boo1122012: The 32 bit were not generated on...
libunwind: off-by-one in dwarf_to_unw_regnum()
An off-by-one array indexing error was found in the libunwind API, which could cause an error when reading untrusted binaries or dwarf debug info data. Red Hat products do not call the API in this way; and it is unlikely that any exploitable attack vector exists in current builds or supported usa...
libunwind: off-by-one in dwarf_to_unw_regnum()
An off-by-one array indexing error was found in the libunwind API, which could cause an error when reading untrusted binaries or dwarf debug info data. Red Hat products do not call the API in this way; and it is unlikely that any exploitable attack vector exists in current builds or supported usa...
libunwind: off-by-one in dwarf_to_unw_regnum()
An off-by-one array indexing error was found in the libunwind API, which could cause an error when reading untrusted binaries or dwarf debug info data. Red Hat products do not call the API in this way; and it is unlikely that any exploitable attack vector exists in current builds or supported usa...
FreeBSD-SA-00:60.boa
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:60 Security Advisory FreeBSD, Inc. Topic: boa web server allows arbitrary file access/execution Category: ports Module: boa Announced: 2000-10-30 Credits: Lluis Mora...