Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
upx project upx vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2021-46179
Reachable Assertion vulnerability in upx prior to 4.0.0 allows malicious users to cause a denial of service via crafted file passed to the the readx function.
Upx Project Upx
NA
CVE-2021-43311
A heap-based buffer overflow exists in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf32::elf_lookup() at p_lx_elf.cpp:5382.
Upx Project Upx
NA
CVE-2021-43312
A heap-based buffer overflow exists in upx, during the variable 'bucket' points to an inaccessible address. The issue is being triggered in the function PackLinuxElf64::invert_pt_dynamic at p_lx_elf.cpp:5239.
Upx Project Upx
NA
CVE-2021-43313
A heap-based buffer overflow exists in upx, during the variable 'bucket' points to an inaccessible address. The issue is being triggered in the function PackLinuxElf32::invert_pt_dynamic at p_lx_elf.cpp:1688.
Upx Project Upx
NA
CVE-2021-43315
A heap-based buffer overflows exists in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf32::elf_lookup() at p_lx_elf.cpp:5349
Upx Project Upx
NA
CVE-2021-43316
A heap-based buffer overflow exists in upx, during the generic pointer 'p' points to an inaccessible address in func get_le64().
Upx Project Upx
NA
CVE-2021-43317
A heap-based buffer overflows exists in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf64::elf_lookup() at p_lx_elf.cpp:5404
Upx Project Upx
NA
CVE-2021-43314
A heap-based buffer overflows exists in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf32::elf_lookup() at p_lx_elf.cpp:5368
Upx Project Upx
NA
CVE-2023-23456
A heap-based buffer overflow issue exists in UPX in PackTmt::pack() in p_tmt.cpp file. The flow allows an malicious user to cause a denial of service (abort) via a crafted file.
Upx Project Upx
Fedoraproject Fedora 36
Fedoraproject Fedora 37
NA
CVE-2023-23457
A Segmentation fault was found in UPX in PackLinuxElf64::invert_pt_dynamic() in p_lx_elf.cpp. An attacker with a crafted input file allows invalid memory address access that could lead to a denial of service.
Upx Project Upx
Fedoraproject Fedora 36
Fedoraproject Fedora 37
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »