Lucene search
K

295 matches found

CNNVD
CNNVD
added 2020/12/26 12:0 a.m.6 views

GNU Binutils 缓冲区错误漏洞

GNU Binutils is a set of programming tools for creating and managing binary programs, object files, libraries, profile data and assembly source code. A heap buffer overflow vulnerability exists in bfdgetlsigned32 in libbfd.c in the Binary File Descriptor BFD library used in GNU Binutils 2.35.1. T...

4.3CVSS7AI score0.01278EPSS
Exploits1References15
CNNVD
CNNVD
added 2020/12/09 12:0 a.m.10 views

GNU Binutils Code Problem Vulnerability

GNU Binutils GNU Binary Utilities or binutils is a set of programming language utility programs developed by the GNU community. The programs are primarily used to work with target files in a variety of formats, and provide connectors, assemblers, and other tools for target files and archives. A...

5.5CVSS6.9AI score0.01181EPSS
Exploits1References9
Veracode
Veracode
added 2020/12/06 4:29 a.m.21 views

Denial Of Service (DoS)

binutils is vulnerable to denial of service DoS. The vulnerability exists in setupgroup function which allows a malicious user to cause an application crash...

7.5CVSS3AI score0.07486EPSS
Exploits1References17Affected Software1
Veracode
Veracode
added 2020/12/06 4:20 a.m.28 views

Arbitrary File Write

binutils is vulnerable to directory traversal. Local users are able to delete arbitrary files via a ../ in the file name or an absolute path name in a malicious archive to strip or perform an objcopy or create arbitrary files...

3.6CVSS4.1AI score0.0104EPSS
Exploits1References21Affected Software1
Veracode
Veracode
added 2020/09/21 6:38 a.m.24 views

Denial Of Service (DoS)

binutils is vulnerable to denial of service DoS. The vulnerability exists through an out-of-bounds read in bfdgetl32 of libbfd.c, when called from the pex64getruntimefunction in pei-x8664.c...

5.5CVSS2.8AI score0.01569EPSS
Exploits1References7Affected Software1
Veracode
Veracode
added 2020/09/21 6:32 a.m.19 views

Denial Of Service (DoS)

binutils is vulnerable to denial of serviceDoS. The elfparsenotes function in elf.c in the Binary File Descriptor BFD library aka libbfd allows remote attackers to cause a denial of service out-of-bounds read and segmentation violation via a note with a large alignment...

5.5CVSS5.4AI score0.02209EPSS
Exploits1References7Affected Software1
Veracode
Veracode
added 2020/09/21 6:30 a.m.19 views

Denial Of Service (DoS)

binutils is vulnerable to denial of service. An attacker to cause excessive memory consumption in the rememberKtype in cplus-dem.c, potentially resulting in an application crash...

7.5CVSS3.8AI score0.03252EPSS
Exploits1References5Affected Software1
Veracode
Veracode
added 2020/09/21 6:30 a.m.24 views

Arbitrary Code Execution

binutils is vulnerable to arbitrary code execution. A heap-based buffer overflow in bfdarchive64bitslurparmap in archive64.c allows an attacker to execute arbitrary code on the host OS...

7.8CVSS4.1AI score0.01697EPSS
Exploits1References7Affected Software1
CNVD
CNVD
added 2019/10/11 12:0 a.m.2 views

GNU Binutils Denial of Service Vulnerability (CNVD-2019-34651)

GNU Binutils is a set of programming tools for creating and managing binary programs, object files, libraries, profile data and assembly source code. A denial of service vulnerability exists in findabstractinstance in dwarf2.c in the Binary File Descriptor BFD library used in GNU Binutils 2.32. A...

6.5CVSS6.8AI score0.02752EPSS
Exploits1References1
Veracode
Veracode
added 2019/08/08 12:7 a.m.28 views

Arbitrary Code Execution

binutils is vulnerable to arbitrary code execution. An integer overflow in objdump, bfdgetdynamicrelocupperbound and bfdcanonicalizedynamicreloc allows a local attacker to execute arbitrary code...

7.8CVSS4.2AI score0.00656EPSS
Exploits1References14Affected Software2
Veracode
Veracode
added 2019/05/16 3:54 a.m.25 views

Denial Of Service (DoS)

Binutils is vulnerable to denial of service DoS attacks. The vulnerability exists in the Binary File Descriptor BFD library. An attacker could cause an application crash via a crafted ELF file impacting availability of the application...

5.5CVSS5.9AI score0.03095EPSS
Exploits1References12Affected Software2
CNVD
CNVD
added 2019/02/25 12:0 a.m.4 views

GNU Binutils Excessive Memory Allocation Attempt Vulnerability

GNU Binutils is a set of programming tools for creating and managing binary programs, object files, libraries, profile data and assembly source code. An excessive memory allocation attempt vulnerability exists in elfreadnotes in elf.c in the Binary File Descriptor BFD library known as libbfd used...

5.5CVSS7.6AI score0.01228EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2019/02/15 12:0 a.m.6 views

The vulnerability of the _bfd_add_merge_section function in the GNU Binutils development environment allows a hacker to trigger a service failure.

The vulnerability of the bfdaddmergesection function in the GNU Binutils development environment is related to the assignment of a null pointer when attempting to merge sections with large differences. Exploiting this vulnerability could allow an attacker to trigger a service failure...

5.5CVSS6.5AI score0.0232EPSS
Exploits1References10Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/02/15 12:0 a.m.7 views

The vulnerability in the cplus-dem.c file of the GNU Binutils development environment allows a hacker to trigger a service failure.

The vulnerability in the cplus-dem.c file of the GNU Binutils development environment is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.2AI score0.01333EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2019/02/15 12:0 a.m.5 views

The vulnerability of the `ignore_section_sym` function in the GNU Binutils development environment allows a hacker to trigger a service failure.

The vulnerability of the ignoresectionsym function in the GNU Binutils development toolset is related to the lack of NULL check and the assignment of the outputsection pointer when writing a symtab with the type “SECTION”. Exploitation of this vulnerability could allow an attacker to cause servic...

5.5CVSS6.4AI score0.02236EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2019/02/15 12:0 a.m.4 views

The vulnerability of the elf_link_input_bfd function in the GNU Binutils development environment, related to the handling of zero pointer assignments, allows a hacker to trigger a service failure.

The vulnerability of the elflinkinputbfd function in the GNU Binutils development toolset is related to the use of a null pointer pointer when searching for STTTLS symbols, especially when TLS sections are not present. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.4AI score0.0232EPSS
Exploits1References10Affected Software2
Veracode
Veracode
added 2019/01/15 9:26 a.m.21 views

Denial Of Service (DoS)

binutils is vulnerable to denial of service. A heap-based buffer over-read in the processcutuindex function in dwarf.c allows a remote attacker to crash the application via a malicious file...

5.5CVSS6.2AI score0.02412EPSS
Exploits1References12Affected Software2
OSV
OSV
added 2018/12/20 5:29 p.m.26 views

CVE-2018-1000876

binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfdgetdynamicrelocupperbound,bfdcanonicalizedynamicreloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be...

7.8CVSS7.2AI score
Exploits0References7
OSV
OSV
added 2018/12/20 5:29 p.m.3 views

UBUNTU-CVE-2018-1000876

binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfdgetdynamicrelocupperbound,bfdcanonicalizedynamicreloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be...

7.8CVSS7.1AI score0.00656EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2018/10/30 5:30 p.m.5 views

binutils: Integer overflow in the display_debug_ranges function resulting in crash

The displaydebugranges function in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service integer overflow and application crash or possibly have unspecified other impact via a crafted ELF file, as demonstrated by objdump...

7.8CVSS7.6AI score0.02367EPSS
Exploits0References4
Rows per page
Query Builder