raptor
Hi there, CVE-2024-25388 was assigned to this vulnerability. I'm planning to publish my security advisory and writeup on March 5th. Thanks.
Hi, it's been one month since I reported this vulnerability, and I wanted to ask if you have any update. As standard practice, I plan to request a CVE ID...
Hi there, CVE-2024-25390 was assigned to this vulnerability. I'm planning to publish my security advisory and writeup on March 5th. Thanks.
Looks like it's solved in 1.36.0 (macOS ventura Intel).
Based on a quick search of the coverage table provided by Qualys at the end of their blog post (https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit), I'd say that at least the following additional Linux distributions...
Hi! Thank you for your comment, I'll think about it as there are many potential false positives with this rule.
Hi Riccardo, thank you for your interest in this project! I'm going to need some time to properly review your PR before accepting it. Just a few remarks after a...
Thank you for your comments, I'll check them out and integrate them in the solutions when I have time. Cheers!
It might be impractical to act at the PCode/pseudocode layer using the Ghidra API to remove annotations that confuse Semgrep, although I still have to investigate this more deeply. The...
Also, handle `try/catch/throw` construct (IDA) and possibly other C++ stuff (Ghidra, other decompilers) by changing pseudocode file extension to `.cpp` where appropriate. EDIT: try scanning the same pseudocode with `.c`...