Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu gcc vulnerabilities and exploits
(subscribe to this query)
409
VMScore
CVE-2002-2439
Integer overflow in the new[] operator in gcc prior to 4.8.0 allows malicious users to have unspecified impacts.
Gnu Gcc
446
VMScore
CVE-2019-15847
The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For exam...
Gnu Gcc
Opensuse Leap 15.0
Opensuse Leap 15.1
606
VMScore
CVE-2018-12886
stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows ...
Gnu Gcc
2 Github repositories
187
VMScore
CVE-2017-11671
Under certain circumstances, the ix86_expand_builtin function in i386.c in GNU Compiler Collection (GCC) version 4.6, 4.7, 4.8, 4.9, 5 prior to 5.5, and 6 prior to 6.4 will generate instruction sequences that clobber the status flag of the RDRAND and RDSEED intrinsics before it c...
Gnu Gcc 6.2
Gnu Gcc 6.1
Gnu Gcc 4.9
Gnu Gcc 4.8
Gnu Gcc 6.0
Gnu Gcc 5.4
Gnu Gcc 4.7
Gnu Gcc 4.6
Gnu Gcc 5.3
Gnu Gcc 5.2
Gnu Gcc 6.3
Gnu Gcc 5.1
Gnu Gcc 5.0
409
VMScore
CVE-2016-4973
Binaries compiled against targets that use the libssp library in GCC for stack smashing protection (SSP) might allow local users to perform buffer overflow attacks by leveraging lack of the Object Size Checking feature.
Gnu Libssp -
436
VMScore
CVE-2016-7042
The proc_keys_show function in security/keys/proc.c in the Linux kernel up to and including 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (sta...
Linux Linux Kernel
445
VMScore
CVE-2015-5276
The std::random_device class in libstdc++ in the GNU Compiler Collection (aka GCC) prior to 4.9.4 does not properly handle short reads from blocking sources, which makes it easier for context-dependent malicious users to predict the random values via unspecified vectors.
Gnu Gcc
614
VMScore
CVE-2009-3736
ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 prior to 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file.
Gnu Libtool 1.5.10
Gnu Libtool 1.5.12
Gnu Libtool 1.5.14
Gnu Libtool 1.5
Gnu Libtool 2.2.6a
Gnu Libtool 1.5.16
Gnu Libtool 1.5.18
Gnu Libtool 1.5.2
Gnu Libtool 1.5.4
Gnu Libtool 1.5.20
Gnu Libtool 1.5.22
Gnu Libtool 1.5.6
Gnu Libtool 1.5.8
Gnu Libtool 1.5.24
Gnu Libtool 1.5.26
605
VMScore
CVE-2008-1685
gcc 4.2.0 up to and including 4.3.0 in GNU Compiler Collection, when casts are not used, considers the sum of a pointer and an int to be greater than or equal to the pointer, which might lead to removal of length testing code that was intended as a protection mechanism against in...
Gnu Gcc 4.2.4
Gnu Gcc 4.2.0
Gnu Gcc 4.2.1
Gnu Gcc 4.2.3
Gnu Gcc 4.3.0
Gnu Gcc 4.2.2
668
VMScore
CVE-2008-1367
gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag (DF) from being reset in violation of ABI conventions and cause data to be copied in the wrong dir...
Gnu Gcc 4.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »