Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu gcc vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2002-2439
Integer overflow in the new[] operator in gcc prior to 4.8.0 allows malicious users to have unspecified impacts.
Gnu Gcc
5
CVSSv2
CVE-2019-15847
The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For exam...
Gnu Gcc
Opensuse Leap 15.0
Opensuse Leap 15.1
6.8
CVSSv2
CVE-2018-12886
stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows ...
Gnu Gcc
2 Github repositories
2.1
CVSSv2
CVE-2017-11671
Under certain circumstances, the ix86_expand_builtin function in i386.c in GNU Compiler Collection (GCC) version 4.6, 4.7, 4.8, 4.9, 5 prior to 5.5, and 6 prior to 6.4 will generate instruction sequences that clobber the status flag of the RDRAND and RDSEED intrinsics before it c...
Gnu Gcc 6.2
Gnu Gcc 6.1
Gnu Gcc 4.9
Gnu Gcc 4.8
Gnu Gcc 6.0
Gnu Gcc 5.4
Gnu Gcc 4.7
Gnu Gcc 4.6
Gnu Gcc 5.3
Gnu Gcc 5.2
Gnu Gcc 6.3
Gnu Gcc 5.1
Gnu Gcc 5.0
4.6
CVSSv2
CVE-2016-4973
Binaries compiled against targets that use the libssp library in GCC for stack smashing protection (SSP) might allow local users to perform buffer overflow attacks by leveraging lack of the Object Size Checking feature.
Gnu Libssp -
4.9
CVSSv2
CVE-2016-7042
The proc_keys_show function in security/keys/proc.c in the Linux kernel up to and including 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (sta...
Linux Linux Kernel
5
CVSSv2
CVE-2015-5276
The std::random_device class in libstdc++ in the GNU Compiler Collection (aka GCC) prior to 4.9.4 does not properly handle short reads from blocking sources, which makes it easier for context-dependent malicious users to predict the random values via unspecified vectors.
Gnu Gcc
6.9
CVSSv2
CVE-2009-3736
ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 prior to 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file.
Gnu Libtool 1.5.10
Gnu Libtool 1.5.12
Gnu Libtool 1.5.14
Gnu Libtool 1.5
Gnu Libtool 2.2.6a
Gnu Libtool 1.5.16
Gnu Libtool 1.5.18
Gnu Libtool 1.5.2
Gnu Libtool 1.5.4
Gnu Libtool 1.5.20
Gnu Libtool 1.5.22
Gnu Libtool 1.5.6
Gnu Libtool 1.5.8
Gnu Libtool 1.5.24
Gnu Libtool 1.5.26
6.8
CVSSv2
CVE-2008-1685
gcc 4.2.0 up to and including 4.3.0 in GNU Compiler Collection, when casts are not used, considers the sum of a pointer and an int to be greater than or equal to the pointer, which might lead to removal of length testing code that was intended as a protection mechanism against in...
Gnu Gcc 4.2.4
Gnu Gcc 4.2.0
Gnu Gcc 4.2.1
Gnu Gcc 4.2.3
Gnu Gcc 4.3.0
Gnu Gcc 4.2.2
7.5
CVSSv2
CVE-2008-1367
gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag (DF) from being reset in violation of ABI conventions and cause data to be copied in the wrong dir...
Gnu Gcc 4.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »