Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
binutils vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2017-7299
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an invalid read (of size 8) because the code to emit relocs (bfd_elf_final_link function in bfd/elflink.c) does not check the format of the input file before trying to read the ELF rel...
Gnu Binutils 2.28
7.5
CVSSv3
CVE-2017-7301
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that has an off-by-one vulnerability because it does not carefully check the string offset. The vulnerability could lead to a GNU linke...
Gnu Binutils 2.28
7.1
CVSSv3
CVE-2021-3549
An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to avr_elf32_load_records_from_section() probably resulting in a crash or in some cases memory corruption. The highest threat from this vulnerabi...
Gnu Binutils 2.36
5.5
CVSSv3
CVE-2017-6965
readelf in GNU Binutils 2.28 writes to illegal addresses while processing corrupt input files containing symbol-difference relocations, leading to a heap-based buffer overflow.
Gnu Binutils 2.28
5.5
CVSSv3
CVE-2017-6966
readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary. This is caused by mishandling of an invalid symbol index, and mishandling of state across invocations.
Gnu Binutils 2.28
9.1
CVSSv3
CVE-2017-6969
readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer over-read while processing corrupt RL78 binaries. The vulnerability can trigger program crashes. It may lead to an information leak as well.
Gnu Binutils 2.28
7.8
CVSSv3
CVE-2017-9743
The print_insn_score32 function in opcodes/score7-dis.c:552 in GNU Binutils 2.28 allows remote malicious users to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling ...
Gnu Binutils 2.28
7.8
CVSSv3
CVE-2017-9745
The _bfd_vms_slurp_etir function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote malicious users to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other...
Gnu Binutils 2.28
5.5
CVSSv3
CVE-2017-9954
The getvalue function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote malicious users to cause a denial of service (stack-based buffer over-read and application crash) via a crafted tekhex file, as demonstra...
Gnu Binutils 2.28
5.5
CVSSv3
CVE-2017-9955
The get_build_id function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file in which a certai...
Gnu Binutils 2.28
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »