Vulnerabilities > UPX Project

DATE CVE VULNERABILITY TITLE RISK
2023-08-22 CVE-2021-46179 Reachable Assertion vulnerability in UPX Project UPX
Reachable Assertion vulnerability in upx before 4.0.0 allows attackers to cause a denial of service via crafted file passed to the the readx function.
network
low complexity
upx-project CWE-617
6.5
6.5
2023-03-24 CVE-2021-43311 Out-of-bounds Write vulnerability in UPX Project UPX
A heap-based buffer overflow was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32().
network
low complexity
upx-project CWE-787
7.5
7.5
2023-03-24 CVE-2021-43312 Out-of-bounds Write vulnerability in UPX Project UPX
A heap-based buffer overflow was discovered in upx, during the variable 'bucket' points to an inaccessible address.
network
low complexity
upx-project CWE-787
7.5
7.5
2023-03-24 CVE-2021-43313 Out-of-bounds Write vulnerability in UPX Project UPX
A heap-based buffer overflow was discovered in upx, during the variable 'bucket' points to an inaccessible address.
network
low complexity
upx-project CWE-787
7.5
7.5
2023-03-24 CVE-2021-43314 Out-of-bounds Write vulnerability in UPX Project UPX
A heap-based buffer overflows was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32().
network
low complexity
upx-project CWE-787
7.5
7.5
2023-03-24 CVE-2021-43315 Out-of-bounds Write vulnerability in UPX Project UPX
A heap-based buffer overflows was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32().
network
low complexity
upx-project CWE-787
7.5
7.5
2023-03-24 CVE-2021-43316 Out-of-bounds Write vulnerability in UPX Project UPX
A heap-based buffer overflow was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le64().
network
low complexity
upx-project CWE-787
7.5
7.5
2023-03-24 CVE-2021-43317 Out-of-bounds Write vulnerability in UPX Project UPX
A heap-based buffer overflows was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32().
network
low complexity
upx-project CWE-787
7.5
7.5
2023-01-12 CVE-2023-23456 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow issue was discovered in UPX in PackTmt::pack() in p_tmt.cpp file.
local
low complexity
upx-project fedoraproject CWE-787
5.5
5.5
2023-01-12 CVE-2023-23457 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A Segmentation fault was found in UPX in PackLinuxElf64::invert_pt_dynamic() in p_lx_elf.cpp.
local
low complexity
upx-project fedoraproject CWE-119
5.5
5.5