Every CVE whose affected-product data names Gnu Binutils, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (200)
CVE-2017-7614 — CVSS 9.8 (critical): elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a "member access within null…
CVE-2014-9939 — CVSS 9.8 (critical): ihex.c in GNU Binutils before 2.26 contains a stack buffer overflow when printing bad bytes in Intel Hex objects.
CVE-2018-12699 — CVSS 9.8 (critical): finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have…
CVE-2017-7226 — CVSS 9.1 (critical): The pe_ILF_object_p function in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable…
CVE-2017-6969 — CVSS 9.1 (critical): readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer over-read while processing corrupt RL78 binaries. The vulnerability can…
CVE-2020-19726 — CVSS 8.8 (high): An issue was discovered in binutils libbfd.c 2.36 relating to the auxiliary symbol data allows attackers to read or write to system memory…
CVE-2017-12449 — CVSS 7.8 (high): The _bfd_vms_save_sized_string function in vms-misc.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU…
CVE-2017-12450 — CVSS 7.8 (high): The alpha_vms_object_p function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils…
CVE-2017-12451 — CVSS 7.8 (high): The _bfd_xcoff_read_ar_hdr function in bfd/coff-rs6000.c and bfd/coff64-rs6000.c in the Binary File Descriptor (BFD) library (aka libbfd)…
CVE-2017-12452 — CVSS 7.8 (high): The bfd_mach_o_i386_canonicalize_one_reloc function in bfd/mach-o-i386.c in the Binary File Descriptor (BFD) library (aka libbfd), as…
CVE-2017-12453 — CVSS 7.8 (high): The _bfd_vms_slurp_eeom function in libbfd.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29…
CVE-2017-12454 — CVSS 7.8 (high): The _bfd_vms_slurp_egsd function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU…
CVE-2017-12455 — CVSS 7.8 (high): The evax_bfd_print_emh function in vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils…
CVE-2017-12456 — CVSS 7.8 (high): The read_symbol_stabs_debugging_info function in rddbg.c in GNU Binutils 2.29 and earlier allows remote attackers to cause an out of bounds…
CVE-2017-12457 — CVSS 7.8 (high): The bfd_make_section_with_flags function in section.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU…
CVE-2017-9743 — CVSS 7.8 (high): The print_insn_score32 function in opcodes/score7-dis.c:552 in GNU Binutils 2.28 allows remote attackers to cause a denial of service…
CVE-2017-9742 — CVSS 7.8 (high): The score_opcodes function in opcodes/score7-dis.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer…
CVE-2017-9043 — CVSS 7.8 (high): readelf.c in GNU Binutils 2017-04-12 has a "shift exponent too large for type unsigned long" issue, which might allow remote attackers to…
CVE-2017-9042 — CVSS 7.8 (high): readelf.c in GNU Binutils 2017-04-12 has a "cannot be represented in type long" issue, which might allow remote attackers to cause a denial…
CVE-2017-12458 — CVSS 7.8 (high): The nlm_swap_auxiliary_headers_in function in bfd/nlmcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU…
CVE-2017-12459 — CVSS 7.8 (high): The bfd_mach_o_read_symtab_strtab function in bfd/mach-o.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU…
CVE-2017-12799 — CVSS 7.8 (high): The elf_read_notesfunction in bfd/elf.c in GNU Binutils 2.29 allows remote attackers to cause a denial of service (buffer overflow and…
CVE-2022-45703 — CVSS 7.8 (high): Heap buffer overflow vulnerability in binutils readelf before 2.40 via function display_debug_section in file readelf.c.
CVE-2026-6846 — CVSS 7.8 (high): A flaw was found in binutils. A heap-buffer-overflow vulnerability exists when processing a specially crafted XCOFF (Extended Common Object…
CVE-2022-44840 — CVSS 7.8 (high): Heap buffer overflow vulnerability in binutils readelf before 2.40 via function find_section_in_set in file readelf.c.
CVE-2021-45078 — CVSS 7.8 (high): stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow)…
CVE-2021-37322 — CVSS 7.8 (high): GCC c++filt v2.26 was discovered to contain a use-after-free vulnerability via the component cplus-dem.c.
CVE-2021-20294 — CVSS 7.8 (high): A flaw was found in binutils readelf 2.35 program. An attacker who is able to convince a victim using readelf to read a crafted file could…
CVE-2017-14333 — CVSS 7.8 (high): The process_version_sections function in readelf.c in GNU Binutils 2.29 allows attackers to cause a denial of service (Integer Overflow…
CVE-2019-9077 — CVSS 7.8 (high): An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS…
CVE-2017-14729 — CVSS 7.8 (high): The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, do not…
CVE-2017-14745 — CVSS 7.8 (high): The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29…
CVE-2019-9075 — CVSS 7.8 (high): An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based…
CVE-2019-9070 — CVSS 7.8 (high): An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in…
CVE-2018-7643 — CVSS 7.8 (high): The display_debug_ranges function in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service (integer overflow…
CVE-2018-7208 — CVSS 7.8 (high): In the coff_pointerize_aux function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils…
CVE-2018-6543 — CVSS 7.8 (high): In GNU Binutils 2.30, there's an integer overflow in the function load_specific_debug_section() in objdump.c, which results in `malloc()`…
CVE-2018-6323 — CVSS 7.8 (high): The elf_object_p function in elfcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, has…
CVE-2018-19931 — CVSS 7.8 (high): An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is a…
CVE-2018-18483 — CVSS 7.8 (high): The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of…
CVE-2017-15020 — CVSS 7.8 (high): dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles pointers, which allows…
CVE-2018-1000876 — CVSS 7.8 (high): binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_d…
CVE-2017-9756 — CVSS 7.8 (high): The aarch64_ext_ldst_reglist function in opcodes/aarch64-dis.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service…
CVE-2017-9755 — CVSS 7.8 (high): opcodes/i386-dis.c in GNU Binutils 2.28 does not consider the number of registers for bnd mode, which allows remote attackers to cause a…
CVE-2017-9754 — CVSS 7.8 (high): The process_otr function in bfd/versados.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28…
CVE-2017-9753 — CVSS 7.8 (high): The versados_mkobject function in bfd/versados.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils…
CVE-2017-9752 — CVSS 7.8 (high): bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to…
CVE-2017-15996 — CVSS 7.8 (high): elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service (excessive memory allocation) or possibly…
CVE-2017-16826 — CVSS 7.8 (high): The coff_slurp_line_table function in coffcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils…
CVE-2017-16827 — CVSS 7.8 (high): The aout_get_external_symbols function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils…
CVE-2017-16828 — CVSS 7.8 (high): The display_debug_frames function in dwarf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (integer overflow…
CVE-2017-16829 — CVSS 7.8 (high): The _bfd_elf_parse_gnu_properties function in elf-properties.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in…
CVE-2017-16830 — CVSS 7.8 (high): The print_gnu_property_note function in readelf.c in GNU Binutils 2.29.1 does not have integer-overflow protection on 32-bit platforms…
CVE-2017-16831 — CVSS 7.8 (high): coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate the symbol…
CVE-2017-16832 — CVSS 7.8 (high): The pe_bfd_read_buildid function in peicode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils…
CVE-2017-9751 — CVSS 7.8 (high): opcodes/rl78-decode.opc in GNU Binutils 2.28 has an unbounded GETBYTE macro, which allows remote attackers to cause a denial of service…
CVE-2017-17121 — CVSS 7.8 (high): The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of…
CVE-2017-17122 — CVSS 7.8 (high): The dump_relocs_in_section function in objdump.c in GNU Binutils 2.29.1 does not check for reloc count integer overflows, which allows…
CVE-2017-9750 — CVSS 7.8 (high): opcodes/rx-decode.opc in GNU Binutils 2.28 lacks bounds checks for certain scale arrays, which allows remote attackers to cause a denial of…
CVE-2017-17124 — CVSS 7.8 (high): The _bfd_coff_read_string_table function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU…
CVE-2017-17125 — CVSS 7.8 (high): nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols, which allows remote attackers to cause a denial of service…
CVE-2017-17126 — CVSS 7.8 (high): The load_debug_section function in readelf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (invalid memory…
CVE-2017-9749 — CVSS 7.8 (high): The *regs* macros in opcodes/bfin-dis.c in GNU Binutils 2.28 allow remote attackers to cause a denial of service (buffer overflow and…
CVE-2017-9748 — CVSS 7.8 (high): The ieee_object_p function in bfd/ieee.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28…
CVE-2017-9746 — CVSS 7.8 (high): The disassemble_bytes function in objdump.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and…
CVE-2017-9745 — CVSS 7.8 (high): The _bfd_vms_slurp_etir function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU…
CVE-2022-47695 — CVSS 7.8 (high): An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via…
CVE-2017-9744 — CVSS 7.8 (high): The sh_elf_set_mach_from_flags function in bfd/elf32-sh.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU…
CVE-2022-47673 — CVSS 7.8 (high): An issue was discovered in Binutils addr2line before 2.39.3, function parse_module contains multiple out of bound reads which may cause a…
CVE-2017-12448 — CVSS 7.8 (high): The bfd_cache_close function in bfd/cache.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29…
CVE-2022-47696 — CVSS 7.8 (high): An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via…
CVE-2017-9747 — CVSS 7.8 (high): The ieee_archive_p function in bfd/ieee.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28…
CVE-2005-4808 — CVSS 7.6 (high): Buffer overflow in reset_vars in config/tc-crx.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050714…
CVE-2005-4807 — CVSS 7.5 (high): Stack-based buffer overflow in the as_bad function in messages.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils…
CVE-2014-8485 — CVSS 7.5 (high): The setup_group function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service…
CVE-2014-8501 — CVSS 7.5 (high): The _bfd_XXi_swap_aouthdr_in function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of…
CVE-2014-8502 — CVSS 7.5 (high): Heap-based buffer overflow in the pe_print_edata function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to…
CVE-2014-8503 — CVSS 7.5 (high): Stack-based buffer overflow in the ihex_scan function in bfd/ihex.c in GNU binutils 2.24 and earlier allows remote attackers to cause a…
CVE-2014-8504 — CVSS 7.5 (high): Stack-based buffer overflow in the srec_scan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a…
CVE-2017-13710 — CVSS 7.5 (high): The setup_group function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows…
CVE-2017-15938 — CVSS 7.5 (high): dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, miscalculates DW_FORM_ref_addr die…
CVE-2017-7223 — CVSS 7.5 (high): GNU assembler in GNU Binutils 2.28 is vulnerable to a global buffer overflow (of size 1) while attempting to unget an EOF character from…
CVE-2017-7225 — CVSS 7.5 (high): The find_nearest_line function in addr2line in GNU Binutils 2.28 does not handle the case where the main file name and the directory name…
CVE-2017-7227 — CVSS 7.5 (high): GNU linker (ld) in GNU Binutils 2.28 is vulnerable to a heap-based buffer overflow while processing a bogus input script, leading to a…
CVE-2017-7300 — CVSS 7.5 (high): The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in…
CVE-2017-7301 — CVSS 7.5 (high): The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in…
CVE-2017-7302 — CVSS 7.5 (high): The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a swap_std_reloc_out function in…
CVE-2017-7303 — CVSS 7.5 (high): The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read (of size 4)…
CVE-2017-7304 — CVSS 7.5 (high): The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read (of size 8)…
CVE-2017-8392 — CVSS 7.5 (high): The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 8…
CVE-2017-8393 — CVSS 7.5 (high): The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a global buffer over-read…
CVE-2017-8394 — CVSS 7.5 (high): The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 4 due…
CVE-2017-8395 — CVSS 7.5 (high): The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid write of size 8…
CVE-2017-8396 — CVSS 7.5 (high): The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1…
CVE-2017-8397 — CVSS 7.5 (high): The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 and…
CVE-2017-8398 — CVSS 7.5 (high): dwarf.c in GNU Binutils 2.28 is vulnerable to an invalid read of size 1 during dumping of debug information from a corrupt binary. This…
CVE-2018-12697 — CVSS 7.5 (high): A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU…
CVE-2018-12698 — CVSS 7.5 (high): demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory…
CVE-2018-12934 — CVSS 7.5 (high): remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory…
CVE-2018-20657 — CVSS 7.5 (high): The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted…
CVE-2020-35342 — CVSS 7.5 (high): GNU Binutils before 2.34 has an uninitialized-heap vulnerability in function tic4x_print_cond (file opcodes/tic4x-dis.c) which could allow…
CVE-2021-3530 — CVSS 7.5 (high): A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36. A crafted…
CVE-2025-66862 — CVSS 7.5 (high): A buffer overflow vulnerability in function gnu_special in file cplus-dem.c in BinUtils 2.26 allows attackers to cause a denial of service…
CVE-2025-66863 — CVSS 7.5 (high): An issue was discovered in function d_discriminator in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service…
CVE-2025-66864 — CVSS 7.5 (high): An issue was discovered in function d_print_comp_inner in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service…
CVE-2025-66865 — CVSS 7.5 (high): An issue was discovered in function d_print_comp_inner in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service…
CVE-2025-66866 — CVSS 7.5 (high): An issue was discovered in function d_abi_tags in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via…
CVE-2025-69649 — CVSS 7.5 (high): GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header…
CVE-2025-69650 — CVSS 7.5 (high): GNU Binutils thru 2.46 readelf contains a double free vulnerability when processing a crafted ELF binary with malformed relocation data…
CVE-2006-2362 — CVSS 7.3 (high): Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils before 20060423, as used by GNU strings, allows…
CVE-2021-3549 — CVSS 7.1 (high): An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to…
CVE-2019-17450 — CVSS 6.5 (medium): find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows…
CVE-2018-17794 — CVSS 6.5 (medium): An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in…
CVE-2018-20712 — CVSS 6.5 (medium): A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils…
CVE-2023-1972 — CVSS 6.5 (medium): A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability.
CVE-2018-10373 — CVSS 6.5 (medium): concat_filename in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote…
CVE-2017-12967 — CVSS 6.5 (medium): The getsym function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows…
CVE-2019-17451 — CVSS 6.5 (medium): An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer…
CVE-2021-32256 — CVSS 6.5 (medium): An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in…
CVE-2021-20197 — CVSS 6.3 (medium): There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip…
CVE-2025-69648 — CVSS 6.2 (medium): GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF…
CVE-2025-69647 — CVSS 6.2 (medium): GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF loclists…
CVE-2025-69652 — CVSS 6.2 (medium): GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort (SIGABRT) when processing a crafted ELF binary with…
CVE-2020-35494 — CVSS 6.1 (medium): There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted input file to be processed by binutils could…
CVE-2026-4647 — CVSS 6.1 (medium): A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables…
CVE-2026-3441 — CVSS 6.1 (medium): A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of-bounds read in the bfd linker…
CVE-2026-3442 — CVSS 6.1 (medium): A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read, exists in the bfd…
CVE-2025-1178 — CVSS 5.6 (medium): A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. Affected by this vulnerability is the function…
CVE-2017-14974 — CVSS 5.5 (medium): The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29…
CVE-2018-18484 — CVSS 5.5 (medium): An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++…
CVE-2018-18605 — CVSS 5.5 (medium): A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD)…
CVE-2018-18606 — CVSS 5.5 (medium): An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed…
CVE-2018-18607 — CVSS 5.5 (medium): An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU…
CVE-2018-18700 — CVSS 5.5 (medium): An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability…
CVE-2018-18701 — CVSS 5.5 (medium): An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability…
CVE-2017-14940 — CVSS 5.5 (medium): scan_unit_for_symbols in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows…
CVE-2018-19932 — CVSS 5.5 (medium): An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is an…
CVE-2018-20002 — CVSS 5.5 (medium): The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU…
CVE-2018-20623 — CVSS 5.5 (medium): In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the process_archive function in…
CVE-2018-20651 — CVSS 5.5 (medium): A NULL pointer dereference was discovered in elf_link_add_object_symbols in elflink.c in the Binary File Descriptor (BFD) library (aka…
CVE-2018-20671 — CVSS 5.5 (medium): load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a…
CVE-2018-20673 — CVSS 5.5 (medium): The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow…
CVE-2017-14939 — CVSS 5.5 (medium): decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles a…
CVE-2017-14938 — CVSS 5.5 (medium): _bfd_elf_slurp_version_tables in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29…
CVE-2018-6759 — CVSS 5.5 (medium): The bfd_get_debug_link_info_1 function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils…
CVE-2018-6872 — CVSS 5.5 (medium): The elf_parse_notes function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows…
CVE-2017-14934 — CVSS 5.5 (medium): process_debug_info in dwarf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote…
CVE-2018-7568 — CVSS 5.5 (medium): The parse_die function in dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows…
CVE-2018-7569 — CVSS 5.5 (medium): dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a…
CVE-2018-7570 — CVSS 5.5 (medium): The assign_file_positions_for_non_load_sections function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed…
CVE-2018-7642 — CVSS 5.5 (medium): The swap_std_reloc_in function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30…
CVE-2017-14933 — CVSS 5.5 (medium): read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows…
CVE-2018-8945 — CVSS 5.5 (medium): The bfd_section_from_shdr function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30…
CVE-2018-9138 — CVSS 5.5 (medium): An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and 2.30. Stack Exhaustion occurs in the C++…
CVE-2018-9996 — CVSS 5.5 (medium): An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling…
CVE-2019-12972 — CVSS 5.5 (medium): An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a…
CVE-2019-14250 — CVSS 5.5 (medium): An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not…
CVE-2019-14444 — CVSS 5.5 (medium): apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation…
CVE-2017-14932 — CVSS 5.5 (medium): decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote…
CVE-2019-9071 — CVSS 5.5 (medium): An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes…
CVE-2019-9072 — CVSS 5.5 (medium): An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted…
CVE-2019-9073 — CVSS 5.5 (medium): An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted…
CVE-2019-9074 — CVSS 5.5 (medium): An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an…
CVE-2017-14930 — CVSS 5.5 (medium): Memory leak in decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29…
CVE-2019-9076 — CVSS 5.5 (medium): An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted…
CVE-2017-14529 — CVSS 5.5 (medium): The pe_print_idata function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29…
CVE-2020-16590 — CVSS 5.5 (medium): A double free vulnerability exists in the Binary File Descriptor (BFD) (aka libbrd) in GNU Binutils 2.35 in the process_symbol_table, as…
CVE-2020-16591 — CVSS 5.5 (medium): A Denial of Service vulnerability exists in the Binary File Descriptor (BFD) in GNU Binutils 2.35 due to an invalid read in…
CVE-2020-16592 — CVSS 5.5 (medium): A use after free issue exists in the Binary File Descriptor (BFD) library (aka libbfd) in GNU Binutils 2.34 in bfd_hash_lookup, as…
CVE-2020-16593 — CVSS 5.5 (medium): A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils…
CVE-2020-16599 — CVSS 5.5 (medium): A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils…
CVE-2020-19724 — CVSS 5.5 (medium): A memory consumption issue in get_data function in binutils/nm.c in GNU nm before 2.34 allows attackers to cause a denial of service via…
CVE-2017-14130 — CVSS 5.5 (medium): The _bfd_elf_parse_attributes function in elf-attrs.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU…
CVE-2020-21490 — CVSS 5.5 (medium): An issue was discovered in GNU Binutils 2.34. It is a memory leak when process microblaze-dis.c. This one will consume memory on each insn…
CVE-2020-35493 — CVSS 5.5 (medium): A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap…
CVE-2020-35495 — CVSS 5.5 (medium): There's a flaw in binutils /bfd/pef.c. An attacker who is able to submit a crafted input file to be processed by the objdump program could…
CVE-2020-35496 — CVSS 5.5 (medium): There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file…
CVE-2020-35507 — CVSS 5.5 (medium): There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able…
CVE-2021-20284 — CVSS 5.5 (medium): A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due…
CVE-2017-14129 — CVSS 5.5 (medium): The read_section function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows…
CVE-2017-14128 — CVSS 5.5 (medium): The decode_line_info function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29…
CVE-2017-13757 — CVSS 5.5 (medium): The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the PLT section size, which…
CVE-2022-35205 — CVSS 5.5 (medium): An issue was discovered in Binutils readelf 2.38.50, reachable assertion failure in function display_debug_names allows attackers to cause…
CVE-2022-35206 — CVSS 5.5 (medium): Null pointer dereference vulnerability in Binutils readelf 2.38.50 via function read_and_display_attr_value in file dwarf.c.
CVE-2022-38533 — CVSS 5.5 (medium): In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in…
CVE-2022-4285 — CVSS 5.5 (medium): An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may…
CVE-2017-13716 — CVSS 5.5 (medium): The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a…
CVE-2022-47007 — CVSS 5.5 (medium): An issue was discovered function stab_demangle_v3_arg in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service…
CVE-2022-47008 — CVSS 5.5 (medium): An issue was discovered function make_tempdir, and make_tempname in bucomm.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial…
CVE-2022-47010 — CVSS 5.5 (medium): An issue was discovered function pr_function_type in prdbg.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due…
CVE-2022-47011 — CVSS 5.5 (medium): An issue was discovered function parse_stab_struct_fields in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of…
CVE-2022-48063 — CVSS 5.5 (medium): GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files…
CVE-2022-48064 — CVSS 5.5 (medium): GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function bfd_dwarf2_find_nearest_li…
CVE-2022-48065 — CVSS 5.5 (medium): GNU Binutils before 2.40 was discovered to contain a memory leak vulnerability var the function find_abstract_instance in dwarf2.c.
CVE-2017-17080 — CVSS 5.5 (medium): elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate sizes of core…
CVE-2017-15225 — CVSS 5.5 (medium): _bfd_dwarf2_cleanup_debug_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29…