Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu binutils 2.28 vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2017-6969
readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer over-read while processing corrupt RL78 binaries. The vulnerability can trigger program crashes. It may lead to an information leak as well.
Gnu Binutils 2.28
5.5
CVSSv3
CVE-2017-9038
GNU Binutils 2.28 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to the byte_get_little_endian function in elfcomm.c, the get_unwind_section_word function in readelf.c, and ARM unwind ...
Gnu Binutils 2.28
5.5
CVSSv3
CVE-2017-9040
GNU Binutils 2017-04-03 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash), related to the process_mips_specific function in readelf.c, via a crafted ELF file that triggers a large memory-allocation attempt.
Gnu Binutils 2.28
5.5
CVSSv3
CVE-2017-9041
GNU Binutils 2.28 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to MIPS GOT mishandling in the process_mips_specific function in readelf.c.
Gnu Binutils 2.28
7.8
CVSSv3
CVE-2017-9042
readelf.c in GNU Binutils 2017-04-12 has a "cannot be represented in type long" issue, which might allow remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file.
Gnu Binutils 2.28
5.5
CVSSv3
CVE-2017-9044
The print_symbol_for_build_attribute function in readelf.c in GNU Binutils 2017-04-12 allows remote malicious users to cause a denial of service (invalid read and SEGV) via a crafted ELF file.
Gnu Binutils 2.28
7.5
CVSSv3
CVE-2017-7227
GNU linker (ld) in GNU Binutils 2.28 is vulnerable to a heap-based buffer overflow while processing a bogus input script, leading to a program crash. This relates to lack of '\0' termination of a name field in ldlex.l.
Gnu Binutils 2.28
7.8
CVSSv3
CVE-2017-9753
The versados_mkobject function in bfd/versados.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, does not initialize a certain data structure, which allows remote malicious users to cause a denial of service (buffer overflow and appl...
Gnu Binutils 2.28
5.5
CVSSv3
CVE-2017-9954
The getvalue function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote malicious users to cause a denial of service (stack-based buffer over-read and application crash) via a crafted tekhex file, as demonstra...
Gnu Binutils 2.28
5.5
CVSSv3
CVE-2017-7209
The dump_section_as_bytes function in readelf in GNU Binutils 2.28 accesses a NULL pointer while reading section contents in a corrupt binary, leading to a program crash.
Gnu Binutils 2.28
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »