Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu gcc vulnerabilities and exploits
(subscribe to this query)
4
CVSSv3
CVE-2017-11671
Under certain circumstances, the ix86_expand_builtin function in i386.c in GNU Compiler Collection (GCC) version 4.6, 4.7, 4.8, 4.9, 5 prior to 5.5, and 6 prior to 6.4 will generate instruction sequences that clobber the status flag of the RDRAND and RDSEED intrinsics before it c...
Gnu Gcc 6.2
Gnu Gcc 6.1
Gnu Gcc 4.9
Gnu Gcc 4.8
Gnu Gcc 6.0
Gnu Gcc 5.4
Gnu Gcc 4.7
Gnu Gcc 4.6
Gnu Gcc 5.3
Gnu Gcc 5.2
Gnu Gcc 6.3
Gnu Gcc 5.1
Gnu Gcc 5.0
NA
CVE-2008-1685
gcc 4.2.0 up to and including 4.3.0 in GNU Compiler Collection, when casts are not used, considers the sum of a pointer and an int to be greater than or equal to the pointer, which might lead to removal of length testing code that was intended as a protection mechanism against in...
Gnu Gcc 4.2.4
Gnu Gcc 4.2.0
Gnu Gcc 4.2.1
Gnu Gcc 4.2.3
Gnu Gcc 4.3.0
Gnu Gcc 4.2.2
NA
CVE-2000-1219
The -ftrapv compiler option in gcc and g++ 3.3.3 and previous versions does not handle all types of integer overflows, which may leave applications vulnerable to vulnerabilities related to overflows.
Gnu G\\+\\+
Gnu Gcc
7.8
CVSSv3
CVE-2021-37322
GCC c++filt v2.26 exists to contain a use-after-free vulnerability via the component cplus-dem.c.
Gnu Binutils
Gnu Gcc
4.8
CVSSv3
CVE-2023-4039
**DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an malicious user to exploit an existing buffer overflow in dynamically-sized local variables in your application without this being detected. This stack-protector failure o...
Gnu Gcc
NA
CVE-2015-5276
The std::random_device class in libstdc++ in the GNU Compiler Collection (aka GCC) prior to 4.9.4 does not properly handle short reads from blocking sources, which makes it easier for context-dependent malicious users to predict the random values via unspecified vectors.
Gnu Gcc
7.8
CVSSv3
CVE-2002-2439
Integer overflow in the new[] operator in gcc prior to 4.8.0 allows malicious users to have unspecified impacts.
Gnu Gcc
8.1
CVSSv3
CVE-2018-12886
stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows ...
Gnu Gcc
2 Github repositories
NA
CVE-2006-1902
fold_binary in fold-const.c in GNU Compiler Collection (gcc) 4.1 improperly handles pointer overflow when folding a certain expr comparison to a corresponding offset comparison in cases other than EQ_EXPR and NE_EXPR, which might introduce buffer overflow vulnerabilities into app...
Gnu Gcc 4.1
NA
CVE-2008-1367
gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag (DF) from being reset in violation of ABI conventions and cause data to be copied in the wrong dir...
Gnu Gcc 4.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »