Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

upx project upx vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2021-46179
Reachable Assertion vulnerability in upx prior to 4.0.0 allows malicious users to cause a denial of service via crafted file passed to the the readx function.
Upx Project Upx
NA
CVE-2021-43311
A heap-based buffer overflow exists in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf32::elf_lookup() at p_lx_elf.cpp:5382.
Upx Project Upx
NA
CVE-2021-43312
A heap-based buffer overflow exists in upx, during the variable 'bucket' points to an inaccessible address. The issue is being triggered in the function PackLinuxElf64::invert_pt_dynamic at p_lx_elf.cpp:5239.
Upx Project Upx
NA
CVE-2021-43313
A heap-based buffer overflow exists in upx, during the variable 'bucket' points to an inaccessible address. The issue is being triggered in the function PackLinuxElf32::invert_pt_dynamic at p_lx_elf.cpp:1688.
Upx Project Upx
NA
CVE-2021-43315
A heap-based buffer overflows exists in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf32::elf_lookup() at p_lx_elf.cpp:5349
Upx Project Upx
NA
CVE-2021-43316
A heap-based buffer overflow exists in upx, during the generic pointer 'p' points to an inaccessible address in func get_le64().
Upx Project Upx
NA
CVE-2021-43317
A heap-based buffer overflows exists in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf64::elf_lookup() at p_lx_elf.cpp:5404
Upx Project Upx
NA
CVE-2021-43314
A heap-based buffer overflows exists in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf32::elf_lookup() at p_lx_elf.cpp:5368
Upx Project Upx
NA
CVE-2023-23456
A heap-based buffer overflow issue exists in UPX in PackTmt::pack() in p_tmt.cpp file. The flow allows an malicious user to cause a denial of service (abort) via a crafted file.
Upx Project UpxFedoraproject Fedora 36Fedoraproject Fedora 37
NA
CVE-2023-23457
A Segmentation fault was found in UPX in PackLinuxElf64::invert_pt_dynamic() in p_lx_elf.cpp. An attacker with a crafted input file allows invalid memory address access that could lead to a denial of service.
Upx Project UpxFedoraproject Fedora 36Fedoraproject Fedora 37
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802template injectionCVE-2024-0044code injectionCVE-2024-35474CVE-2024-27857CVE-2024-23251CVE-2024-23692physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook