Unicorn-engine Unicorn Engine — known CVE vulnerabilities
Every CVE whose affected-product data names Unicorn-engine Unicorn Engine, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2021-44078 — CVSS 8.1 (high): An issue was discovered in split_region in uc.c in Unicorn Engine before 2.0.0-rc5. It allows local attackers to escape the sandbox. An…
CVE-2022-29692 — CVSS 7.8 (high): Unicorn Engine v1.0.3 was discovered to contain a use-after-free vulnerability via the hook function.
CVE-2022-29693 — CVSS 7.5 (high): Unicorn Engine v2.0.0-rc7 and below was discovered to contain a memory leak via the function uc_close at /my/unicorn/uc.c.
CVE-2022-29694 — CVSS 7.5 (high): Unicorn Engine v2.0.0-rc7 and below was discovered to contain a NULL pointer dereference via qemu_ram_free.
CVE-2022-29695 — CVSS 7.5 (high): Unicorn Engine v2.0.0-rc7 contains memory leaks caused by an incomplete unicorn engine initialization.
CVE-2021-36979 — CVSS 5.5 (medium): Unicorn Engine 1.0.2 has an out-of-bounds write in tb_flush_armeb (called from cpu_arm_exec_armeb and tcg_cpu_exec_armeb).