Gnu Binutils vulnerabilities

285 known vulnerabilities affecting gnu/binutils.

Total CVEs
285
CISA KEV
0
Public exploits
12
Exploited in wild
0
Severity breakdown
CRITICAL5HIGH112MEDIUM153LOW15

Vulnerabilities

Page 15 of 15
CVE-2012-3509MEDIUMCVSS 5.0≥ 2.22, < 2.242012-09-05
CVE-2012-3509 [MEDIUM] CWE-189 CVE-2012-3509: Multiple integer overflows in the (1) _objalloc_alloc function in objalloc.c and (2) objalloc_alloc Multiple integer overflows in the (1) _objalloc_alloc function in objalloc.c and (2) objalloc_alloc macro in include/objalloc.h in GNU libiberty, as used by binutils 2.22, allow remote attackers to cause a denial of service (crash) via vectors related to the "addition of CHUNK_HEADER_SIZE to the length," which triggers a heap-based buffer overflow.
nvdosv
CVE-2008-2310MEDIUMCVSS 6.8≥ 0, < 2.18.1~cvs20080103-12008-07-01
CVE-2008-2310 [MEDIUM] CVE-2008-2310: Format string vulnerability in c++filt in Apple Mac OS X 10 Format string vulnerability in c++filt in Apple Mac OS X 10.5 before 10.5.4 allows user-assisted attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted string in (1) C++ or (2) Java source code.
osv
CVE-2006-2362HIGHCVSS 7.3PoCfixed in 2.172006-05-15
CVE-2006-2362 [HIGH] CWE-787 CVE-2006-2362: Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils before 2006 Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils before 20060423, as used by GNU strings, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a file with a crafted Tektronix Hex Format (TekHex) record in which the length character is not a val
nvdosv
CVE-2005-4808HIGHCVSS 7.6fixed in 2.172005-12-31
CVE-2005-4808 [HIGH] CVE-2005-4808: Buffer overflow in reset_vars in config/tc-crx.c in the GNU as (gas) assembler in Free Software Foun Buffer overflow in reset_vars in config/tc-crx.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050714 allows user-assisted attackers to have an unknown impact via a crafted .s file.
nvdosv
CVE-2005-4807HIGHCVSS 7.5PoCfixed in 2.172005-12-31
CVE-2005-4807 [HIGH] CWE-119 CVE-2005-4807: Stack-based buffer overflow in the as_bad function in messages.c in the GNU as (gas) assembler in Fr Stack-based buffer overflow in the as_bad function in messages.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050721 allows attackers to execute arbitrary code via a .c file with crafted inline assembly code.
nvdosv
← Previous15 / 15