Vulnerabilities > GNU > GCC > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-18 | CVE-2021-37322 | Use After Free vulnerability in GNU Binutils GCC c++filt v2.26 was discovered to contain a use-after-free vulnerability via the component cplus-dem.c. | 7.8 |
| 2019-10-23 | CVE-2002-2439 | Integer Overflow or Wraparound vulnerability in GNU GCC Integer overflow in the new[] operator in gcc before 4.8.0 allows attackers to have unspecified impacts. | 7.8 |
| 2019-09-02 | CVE-2019-15847 | Insufficient Entropy vulnerability in multiple products The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. | 7.5 |
| 2019-05-22 | CVE-2018-12886 | Information Exposure Through an Error Message vulnerability in GNU GCC stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against. | 8.1 |