EUVD-2021-17422

Malware in sbrugna...

EUVD-2020-20299

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2019-20053

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An invalid memory address dereference was discovered in the canUnpack function in pmach.cpp in UPX 3.95 via a crafted Mach-O file. CVE-2019-20053 Note that Ness...

Linux Distros Unpatched Vulnerability : CVE-2019-20051

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A floating-point exception was discovered in PackLinuxElf::elfhash in plxelf.cpp in UPX 3.95. The vulnerability causes an application crash, which leads to deni...

CVE-2020-27796

A heap-based buffer over-read was discovered in the invertptdynamic function in plxelf.cpp in UPX 4.0.0 via a crafted Mach-O file...

UPX 数字错误漏洞

UPX is a portable and extensible executable compression program. A security vulnerability exists in UPX version 4.0.0, which stems from an attacker being able to cause a floating-point exception in the elflookup function of its plxelf.cpp component via a carefully crafted Mach-O file...

CVE-2021-30501

An assertion abort was found in upx MemBuffer::alloc in mem.cpp, in version UPX 4.0.0. The flow allows attackers to cause a denial of service abort via a crafted file...

CVE-2021-30501

An assertion abort was found in upx MemBuffer::alloc in mem.cpp, in version UPX 4.0.0. The flow allows attackers to cause a denial of service abort via a crafted file...

PT-2022-8873 · Upx +2 · Upx +2

Name of the Vulnerable Software and Affected Versions: UPX version 4.0.0 Description: A heap-based buffer over-read issue was discovered in the acc ua get be32 function, located in the miniacc.h file, which can be exploited via a crafted Mach-O file. Recommendations: For UPX version 4.0.0, at the...

PT-2022-8872 · Upx +2 · Upx +2

Name of the Vulnerable Software and Affected Versions: UPX version 4.0.0 Description: A memory-related issue was found in the adjABS function within the p lx elf.cpp file of UPX, which can be triggered by a specially crafted Mach-O file. Recommendations: For UPX version 4.0.0, at the moment, ther...

MGASA-2020-0012 Updated upx packages fix security vulnerability

The updated package fixes security vulnerabilities: An Integer overflow in the getElfSections function in pvmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service crash via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an...

PT-2018-10421 · Upx Team +2 · Upx +2

Name of the Vulnerable Software and Affected Versions: UPX version 3.95 Description: The issue allows remote attackers to cause a denial of service, limit the ability of a malware scanner to operate on the entire original data, or possibly have unspecified other impact via a crafted file. This is...

UBUNTU-CVE-2017-16869

DISPUTED pmach.cpp in UPX 3.94 allows remote attackers to cause a denial of service invalid memory access and application crash or possibly have unspecified other impact via a crafted Mach-O file, related to canPack and unpack functions. NOTE: the vendor has stated "there is no security implicati...