Export limit exceeded: 15970 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (15970 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-43315 1 Upx 1 Upx 2025-04-11 7.5 High
A heap-based buffer overflows was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf32::elf_lookup() at p_lx_elf.cpp:5349
CVE-2021-43316 1 Upx 1 Upx 2025-04-11 7.5 High
A heap-based buffer overflow was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le64().
CVE-2021-43317 1 Upx 1 Upx 2025-04-11 7.5 High
A heap-based buffer overflows was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf64::elf_lookup() at p_lx_elf.cpp:5404
CVE-2021-43311 1 Upx 1 Upx 2025-04-11 7.5 High
A heap-based buffer overflow was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf32::elf_lookup() at p_lx_elf.cpp:5382.
CVE-2020-27798 1 Upx 1 Upx 2025-04-11 5.5 Medium
An invalid memory address reference was discovered in the adjABS function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file.
CVE-2021-43312 1 Upx 1 Upx 2025-04-11 7.5 High
A heap-based buffer overflow was discovered in upx, during the variable 'bucket' points to an inaccessible address. The issue is being triggered in the function PackLinuxElf64::invert_pt_dynamic at p_lx_elf.cpp:5239.
CVE-2021-43313 1 Upx 1 Upx 2025-04-11 7.5 High
A heap-based buffer overflow was discovered in upx, during the variable 'bucket' points to an inaccessible address. The issue is being triggered in the function PackLinuxElf32::invert_pt_dynamic at p_lx_elf.cpp:1688.
CVE-2019-14296 1 Upx 1 Upx 2025-04-11 N/A
canUnpack in p_vmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service (SEGV or buffer overflow, and application crash) or possibly have unspecified other impact via a crafted UPX packed file.
CVE-2020-27799 1 Upx 1 Upx 2025-04-11 7.8 High
A heap-based buffer over-read was discovered in the acc_ua_get_be32 function in miniacc.h in UPX 4.0.0 via a crafted Mach-O file.
CVE-2019-20053 2 Opensuse, Upx 3 Backports, Leap, Upx 2025-04-11 5.5 Medium
An invalid memory address dereference was discovered in the canUnpack function in p_mach.cpp in UPX 3.95 via a crafted Mach-O file.
CVE-2020-27802 1 Upx 1 Upx 2025-04-11 5.5 Medium
An floating point exception was discovered in the elf_lookup function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file.
CVE-2020-27801 1 Upx 1 Upx 2025-04-11 7.8 High
A heap-based buffer over-read was discovered in the get_le64 function in bele.h in UPX 4.0.0 via a crafted Mach-O file.
CVE-2020-27800 1 Upx 1 Upx 2025-04-11 7.8 High
A heap-based buffer over-read was discovered in the get_le32 function in bele.h in UPX 4.0.0 via a crafted Mach-O file.
CVE-2020-27787 1 Upx 1 Upx 2025-04-11 5.5 Medium
A Segmentaation fault was found in UPX in invert_pt_dynamic() function in p_lx_elf.cpp. An attacker with a crafted input file allows invalid memory address access that could lead to a denial of service.
CVE-2020-27797 1 Upx 1 Upx 2025-04-11 5.5 Medium
An invalid memory address reference was discovered in the elf_lookup function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file.
CVE-2020-27796 1 Upx 1 Upx 2025-04-11 7.8 High
A heap-based buffer over-read was discovered in the invert_pt_dynamic function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file.
CVE-2014-1452 1 Freebsd 1 Freebsd 2025-04-11 N/A
Stack-based buffer overflow in lib/snmpagent.c in bsnmpd, as used in FreeBSD 8.3 through 10.0, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a crafted GETBULK PDU request.
CVE-2014-1253 1 Apple 1 Boot Camp 2025-04-11 N/A
AppleMNT.sys in Apple Boot Camp 5 before 5.1 allows local users to cause a denial of service (kernel memory corruption) or possibly have unspecified other impact via a malformed header in a Portable Executable (PE) file.
CVE-2013-0752 4 Canonical, Mozilla, Opensuse and 1 more 9 Ubuntu Linux, Firefox, Seamonkey and 6 more 2025-04-11 N/A
Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XBL file with multiple bindings that have SVG content.
CVE-2003-1576 1 Sun 3 Change Manager, Management Center, Solaris 2025-04-11 N/A
Buffer overflow in pamverifier in Change Manager (CM) 1.0 for Sun Management Center (SunMC) 3.0 on Solaris 8 and 9 on the sparc platform allows remote attackers to execute arbitrary code via unspecified vectors.