Linux Distros Unpatched Vulnerability : CVE-2019-20805

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - plxelf.cpp in UPX before 3.96 has an integer overflow during unpacking via crafted values in a PTDYNAMIC segment. CVE-2019-20805 Note that Nessus relies on the...

Linux Distros Unpatched Vulnerability : CVE-2025-2849

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability, which was classified as problematic, was found in UPX up to 5.0.0. Affected is the function PackLinuxElf64::unDTINIT of the file src/plxelf.cpp...

Linux Distros Unpatched Vulnerability : CVE-2017-15056

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - plxelf.cpp in UPX 3.94 mishandles ELF headers, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other...

Linux Distros Unpatched Vulnerability : CVE-2020-27788

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read access vulnerability was discovered in UPX in PackLinuxElf64::canPack function of plxelf.cpp file. An attacker with a crafted input file...

Linux Distros Unpatched Vulnerability : CVE-2020-27790

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A floating point exception issue was discovered in UPX in PackLinuxElf64::invertptdynamic function of plxelf.cpp file. An attacker with a crafted input file cou...

Linux Distros Unpatched Vulnerability : CVE-2019-14295

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An Integer overflow in the getElfSections function in pvmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service crash via a skewed offset...

Linux Distros Unpatched Vulnerability : CVE-2020-27787

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Segmentaation fault was found in UPX in invertptdynamic function in plxelf.cpp. An attacker with a crafted input file allows invalid memory address access tha...

MAL-2025-23457 Malicious code in isv-upx-client (npm)

The package isv-upx-client was found to contain malicious code...

Malicious code in isv-upx-client (npm)

The package isv-upx-client was found to contain malicious code...

Advisory ROSA-SA-2025-2935

software: upx 5.0.0 WASP: ROSA-CHROME unaffected versions = upx-5.0.0.0-1 affected versions upx-5.0.0-1 CVE-ID: CVE-2025-2849 BDU-ID: 2025-06969 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the PackLinuxElf64::unDTINIT function of the src/plxelf.cpp file of the UPX executable file packer is...

ROS-20250616-06

UPX executable packer vulnerability is related to buffer overflow in PackLinuxElf64::unDTINIT of the src/plxelf.cpp file. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Fedora 42 : upx (2025-f050ec7d1b)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-f050ec7d1b advisory. 5.0.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for these...

Fedora: Security Advisory (FEDORA-2025-f050ec7d1b)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-c91006eca6)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-27797

An invalid memory address reference was discovered in the elflookup function in plxelf.cpp in UPX 4.0.0 via a crafted Mach-O file...

CVE-2020-27796

A heap-based buffer over-read was discovered in the invertptdynamic function in plxelf.cpp in UPX 4.0.0 via a crafted Mach-O file...

CVE-2020-27788

An out-of-bounds read access vulnerability was discovered in UPX in PackLinuxElf64::canPack function of plxelf.cpp file. An attacker with a crafted input file could trigger this issue that could cause a crash leading to a denial of service...

CVE-2020-27800

A heap-based buffer over-read was discovered in the getle32 function in bele.h in UPX 4.0.0 via a crafted Mach-O file...

CVE-2020-27787

A Segmentaation fault was found in UPX in invertptdynamic function in plxelf.cpp. An attacker with a crafted input file allows invalid memory address access that could lead to a denial of service...

CVE-2020-27798

An invalid memory address reference was discovered in the adjABS function in plxelf.cpp in UPX 4.0.0 via a crafted Mach-O file...