Vulnerabilities > GNU > High

DATE CVE VULNERABILITY TITLE RISK
2023-08-22 CVE-2020-19726 Unspecified vulnerability in GNU Binutils 2.36
An issue was discovered in binutils libbfd.c 2.36 relating to the auxiliary symbol data allows attackers to read or write to system memory or cause a denial of service.
network
low complexity
gnu
8.8
8.8
2023-08-22 CVE-2020-35342 Improper Initialization vulnerability in GNU Binutils
GNU Binutils before 2.34 has an uninitialized-heap vulnerability in function tic4x_print_cond (file opcodes/tic4x-dis.c) which could allow attackers to make an information leak.
network
low complexity
gnu CWE-665
7.5
7.5
2023-08-22 CVE-2021-46174 Out-of-bounds Write vulnerability in GNU Binutils
Heap-based Buffer Overflow in function bfd_getl32 in Binutils objdump 3.37.
network
low complexity
gnu CWE-787
7.5
7.5
2023-08-22 CVE-2022-44840 Out-of-bounds Write vulnerability in GNU Binutils
Heap buffer overflow vulnerability in binutils readelf before 2.40 via function find_section_in_set in file readelf.c.
local
low complexity
gnu CWE-787
7.8
7.8
2023-08-22 CVE-2022-45703 Out-of-bounds Write vulnerability in GNU Binutils
Heap buffer overflow vulnerability in binutils readelf before 2.40 via function display_debug_section in file readelf.c.
local
low complexity
gnu CWE-787
7.8
7.8
2023-08-22 CVE-2022-47673 Out-of-bounds Read vulnerability in GNU Binutils
An issue was discovered in Binutils addr2line before 2.39.3, function parse_module contains multiple out of bound reads which may cause a denial of service or other unspecified impacts.
local
low complexity
gnu CWE-125
7.8
7.8
2023-08-22 CVE-2022-47695 Unspecified vulnerability in GNU Binutils
An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function bfd_mach_o_get_synthetic_symtab in match-o.c.
local
low complexity
gnu
7.8
7.8
2023-08-22 CVE-2022-47696 Unspecified vulnerability in GNU Binutils
An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function compare_symbols.
local
low complexity
gnu
7.8
7.8
2023-08-14 CVE-2023-40303 Unchecked Return Value vulnerability in GNU Inetutils
GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd.
local
low complexity
gnu CWE-252
7.8
7.8
2023-07-20 CVE-2022-28733 Integer Underflow (Wrap or Wraparound) vulnerability in GNU Grub2
Integer underflow in grub_net_recv_ip4_packets; A malicious crafted IP packet can lead to an integer underflow in grub_net_recv_ip4_packets() function on rsm->total_len value.
network
high complexity
gnu CWE-191
8.1
8.1