Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu binutils vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2017-8421
The function coff_set_alignment_hook in coffcode.h in Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a memory leak vulnerability which can cause memory exhaustion in objdump via a crafted PE file. Additional validation in dump_relocs_i...
Gnu Binutils 2.28
5.5
CVSSv3
CVE-2017-9955
The get_build_id function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file in which a certai...
Gnu Binutils 2.28
5.5
CVSSv3
CVE-2018-20623
In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the process_archive function in readelf.c via a crafted ELF file.
Gnu Binutils 2.31.1
1 Github repository
5.5
CVSSv3
CVE-2018-20651
A NULL pointer dereference exists in elf_link_add_object_symbols in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.1. This occurs for a crafted ET_DYN with no program headers. A specially crafted ELF file allows remote mali...
Gnu Binutils 2.31.1
5.5
CVSSv3
CVE-2018-20673
The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argument values") that can trigger a heap-based buffer overflow, as demonstrat...
Gnu Binutils 2.31.1
6.5
CVSSv3
CVE-2018-20712
A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.
Gnu Binutils 2.31.1
7.8
CVSSv3
CVE-2017-9749
The *regs* macros in opcodes/bfin-dis.c in GNU Binutils 2.28 allow remote malicious users to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during &...
Gnu Binutils 2.28
1 EDB exploit
7.8
CVSSv3
CVE-2017-9751
opcodes/rl78-decode.opc in GNU Binutils 2.28 has an unbounded GETBYTE macro, which allows remote malicious users to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandlin...
Gnu Binutils 2.28
7.8
CVSSv3
CVE-2017-9752
bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote malicious users to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, a...
Gnu Binutils 2.28
7.8
CVSSv3
CVE-2017-9753
The versados_mkobject function in bfd/versados.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, does not initialize a certain data structure, which allows remote malicious users to cause a denial of service (buffer overflow and appl...
Gnu Binutils 2.28
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
hard-coded
CVE-2024-27202
NULL pointer dereference
CVE-2024-28075
CVE-2024-33608
CVE-2024-28889
CVE-2024-34572
template injection
CVE-2024-34351
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »