CVE-2025-68114
- EPSS 0.04%
- Published 17.12.2025 21:14:31
- Last modified 02.01.2026 18:33:09
Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, an unchecked vsnprintf return in SStream_concat lets a malicious cs_opt_mem.vsnprintf drive SStream’s index negative or past the end, leading to a stack buffer underflow/overflo...
CVE-2025-67873
- EPSS 0.02%
- Published 17.12.2025 21:12:13
- Last modified 02.01.2026 18:39:54
Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds-checked, so a user-provided skipdata callback can make cs_disasm/cs_disasm_iter memcpy more than 24 bytes into cs_insn.bytes, causing a heap buffer...
CVE-2016-7151
- EPSS 0.31%
- Published 15.05.2019 14:29:00
- Last modified 21.11.2024 02:57:35
Capstone 3.0.4 has an out-of-bounds vulnerability (SEGV caused by a read memory access) in X86_insn_reg_intel in arch/X86/X86Mapping.c.
CVE-2017-6952
- EPSS 0.35%
- Published 16.03.2017 21:59:00
- Last modified 20.04.2025 01:37:25
Integer overflow in the cs_winkernel_malloc function in winkernel_mm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service (heap-based buffer overflow in a kernel driver) or possibly have unspecified other impact via a large v...