Upx

Upx

35 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2025-2849

Exploit
  • EPSS 0.03%
  • Veröffentlicht 27.03.2025 13:31:06
  • Zuletzt bearbeitet 11.04.2025 16:09:36

A vulnerability, which was classified as problematic, was found in UPX up to 5.0.0. Affected is the function PackLinuxElf64::un_DT_INIT of the file src/p_lx_elf.cpp. The manipulation leads to heap-based buffer overflow. It is possible to launch the a...

9.8

CVE-2024-3209

Exploit
  • EPSS 0.27%
  • Veröffentlicht 02.04.2024 23:15:55
  • Zuletzt bearbeitet 25.04.2025 14:33:54

A vulnerability was found in UPX up to 4.2.2. It has been rated as critical. This issue affects the function get_ne64 of the file bele.h. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be us...

6.5

CVE-2021-46179

  • EPSS 0.11%
  • Veröffentlicht 22.08.2023 19:16:21
  • Zuletzt bearbeitet 11.04.2025 12:27:55

Reachable Assertion vulnerability in upx before 4.0.0 allows attackers to cause a denial of service via crafted file passed to the the readx function.

7.5

CVE-2021-43312

Exploit
  • EPSS 0.11%
  • Veröffentlicht 24.03.2023 20:15:08
  • Zuletzt bearbeitet 11.04.2025 12:27:55

A heap-based buffer overflow was discovered in upx, during the variable 'bucket' points to an inaccessible address. The issue is being triggered in the function PackLinuxElf64::invert_pt_dynamic at p_lx_elf.cpp:5239.

7.5

CVE-2021-43311

Exploit
  • EPSS 0.11%
  • Veröffentlicht 24.03.2023 20:15:08
  • Zuletzt bearbeitet 11.04.2025 12:27:55

A heap-based buffer overflow was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf32::elf_lookup() at p_lx_elf.cpp:5382.

7.5

CVE-2021-43313

Exploit
  • EPSS 0.11%
  • Veröffentlicht 24.03.2023 20:15:08
  • Zuletzt bearbeitet 11.04.2025 12:27:55

A heap-based buffer overflow was discovered in upx, during the variable 'bucket' points to an inaccessible address. The issue is being triggered in the function PackLinuxElf32::invert_pt_dynamic at p_lx_elf.cpp:1688.

7.5

CVE-2021-43314

Exploit
  • EPSS 0.11%
  • Veröffentlicht 24.03.2023 20:15:08
  • Zuletzt bearbeitet 11.04.2025 12:27:55

A heap-based buffer overflows was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf32::elf_lookup() at p_lx_elf.cpp:5368

7.5

CVE-2021-43315

Exploit
  • EPSS 0.11%
  • Veröffentlicht 24.03.2023 20:15:08
  • Zuletzt bearbeitet 11.04.2025 12:27:55

A heap-based buffer overflows was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf32::elf_lookup() at p_lx_elf.cpp:5349

7.5

CVE-2021-43316

Exploit
  • EPSS 0.11%
  • Veröffentlicht 24.03.2023 20:15:08
  • Zuletzt bearbeitet 11.04.2025 12:27:55

A heap-based buffer overflow was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le64().

7.5

CVE-2021-43317

Exploit
  • EPSS 0.11%
  • Veröffentlicht 24.03.2023 20:15:08
  • Zuletzt bearbeitet 11.04.2025 12:27:55

A heap-based buffer overflows was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf64::elf_lookup() at p_lx_elf.cpp:5404