Lucene search
K

173 matches found

BDU FSTEC
BDU FSTEC
added 2023/04/12 12:0 a.m.5 views

The vulnerabilities of the `stack_protect_prologue` and `stack_protect_epilogue` functions in the GNU Compiler Collection (GCC) for various programming languages allow attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerabilities of functions stackprotectprologue cfgexpand.c and stackprotectepilogue function.c are related to information leakage in error messages. Exploiting these vulnerabilities can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...

8.1CVSS7.5AI score0.02171EPSS
Exploits1References4Affected Software5
SUSE CVE
SUSE CVE
added 2023/02/15 6:21 a.m.7 views

SUSE CVE-2002-2439

Integer overflow in the new operator in gcc before 4.8.0 allows attackers to have unspecified impacts...

7.8CVSS7.4AI score0.00548EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:8 a.m.5 views

SUSE CVE-2008-1367

gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag DF from being reset in violation of ABI conventions and cause data to be copied in the wrong direction during signa...

7.5CVSS6.5AI score0.02791EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 5:16 a.m.5 views

SUSE CVE-2015-5276

The std::randomdevice class in libstdc++ in the GNU Compiler Collection aka GCC before 4.9.4 does not properly handle short reads from blocking sources, which makes it easier for context-dependent attackers to predict the random values via unspecified vectors...

5CVSS6.8AI score0.02941EPSS
Exploits0References27
SUSE CVE
SUSE CVE
added 2023/02/15 4:42 a.m.3 views

SUSE CVE-2017-11671

Under certain circumstances, the ix86expandbuiltin function in i386.c in GNU Compiler Collection GCC version 4.6, 4.7, 4.8, 4.9, 5 before 5.5, and 6 before 6.4 will generate instruction sequences that clobber the status flag of the RDRAND and RDSEED intrinsics before it can be read, potentially...

4.8CVSS6.9AI score0.00442EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:26 a.m.3 views

SUSE CVE-2018-12886

stackprotectprologue in cfgexpand.c and stackprotectepilogue in function.c in GNU Compiler Collection GCC 4.1 through 8 under certain circumstances generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the...

8.1CVSS8.4AI score0.02171EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:8 a.m.4 views

SUSE CVE-2019-15847

The POWER9 backend in GNU Compiler Collection GCC before version 10 could optimize multiple calls of the builtindarn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single...

6.2CVSS7AI score0.03207EPSS
Exploits0References64
SUSE CVE
SUSE CVE
added 2023/02/15 3:39 a.m.6 views

SUSE CVE-2021-37322

GCC c++filt v2.26 was discovered to contain a use-after-free vulnerability via the component cplus-dem.c...

7.8CVSS9.1AI score0.00853EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:26 a.m.3 views

SUSE CVE-2022-27943

libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangleconst, as demonstrated by nm-new...

5.5CVSS8.6AI score0.00892EPSS
Exploits1References22
Ubuntu
Ubuntu
added 2022/12/08 8:18 p.m.33 views

USN-5770-1: GCC vulnerability

Todd Eisenberger discovered that certain versions of GNU Compiler Collection GCC could be made to clobber the status flag of RDRAND and RDSEED with specially crafted input. This could potentially lead to less randomness in random number generation...

4CVSS5.7AI score0.00442EPSS
Exploits0
OSV
OSV
added 2022/12/08 8:18 p.m.6 views

USN-5770-1 gcc-5, gccgo-6 vulnerability

Todd Eisenberger discovered that certain versions of GNU Compiler Collection GCC could be made to clobber the status flag of RDRAND and RDSEED with specially crafted input. This could potentially lead to less randomness in random number generation...

4CVSS7.1AI score0.00442EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/12/08 12:0 a.m.28 views

Ubuntu 16.04 ESM : GCC vulnerability (USN-5770-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5770-1 advisory. Todd Eisenberger discovered that certain versions of GNU Compiler Collection GCC could be made to clobber the status flag of RDRAND and RDSEED with specially...

4CVSS5.7AI score0.00442EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2022/11/15 10:33 a.m.6 views

gcc: uncontrolled recursion in libiberty/rust-demangle.c

A flaw was discovered in the GNU libiberty library within the demanglepath function in rust-demangle.c, as distributed in the GNU Compiler Collection GCC. This flaw allows a crafted symbol to cause stack memory to be exhausted, leading to a crash...

5.5CVSS7.3AI score0.00779EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/08/31 12:0 a.m.4 views

Gcc 安全漏洞

GCC is a collection of GNU compilers. It is mainly used to compile the C and C++ languages. A security vulnerability exists in Gcc. An attacker has exploited this vulnerability to cause g++ to crash during compilation via a specially crafted input source file...

6.7AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/08/31 12:0 a.m.5 views

PT-2022-8940 · Gnu · Gcc

Name of the Vulnerable Software and Affected Versions: gcc affected versions not specified Description: A crafted input source file could cause g++ to crash during compilation when provided certain optimization flags. The issue is related to the ipcp store vr results function in gcc/ipa-cp.c...

7.5CVSS8.9AI score
Exploits0References7
CNNVD
CNNVD
added 2022/08/31 12:0 a.m.6 views

GCC 安全漏洞

GCC is a collection of GNU compilers. It is primarily used to compile the C and C++ languages. A security vulnerability exists in GCC, which stems from an internal compiler error in the matchreload function in lra-constraints.c that causes the input file to crash...

6.8AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/05/09 12:0 a.m.33 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : gcc Multiple Vulnerabilities (NS-SA-2022-0019)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has gcc packages installed that are affected by multiple vulnerabilities: - Multiple integer overflows in libgfortran might allow remote attackers to execute arbitrary code or cause a denial of service Fortran application crash...

9.8CVSS8AI score0.05886EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/03/26 12:0 a.m.3 views

GNU GCC 资源管理错误漏洞

Gcc is a collection of Gnu compilers. It is mainly used to compile the C and C++ languages. A security vulnerability exists in GNU GCC 11.2, which stems from a stack overflow in nm-new that can be triggered by an attacker via a crafted elf file...

5.5CVSS6.9AI score0.00892EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2022/03/23 12:0 a.m.4 views

Fedora: Security Advisory for gcc (FEDORA-2022-42ea499a7d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Fedora
Fedora
added 2022/03/17 6:37 p.m.27 views

[SECURITY] Fedora 36 Update: gcc-12.0.1-0.12.fc36

The gcc package contains the GNU Compiler Collection version 12. You'll need this package in order to compile C code...

3.9AI score
Exploits0
Rows per page
Query Builder