Vulnerabilities > Llvm

DATE CVE VULNERABILITY TITLE RISK
2023-05-05 CVE-2023-29932 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Llvm 20221101
llvm-project commit fdbc55a5 was discovered to contain a segmentation fault via the component mlir::IROperand<mlir::OpOperand.
local
low complexity
llvm CWE-119
5.5
2023-05-05 CVE-2023-29933 Out-of-bounds Read vulnerability in Llvm 20221211
llvm-project commit bd456297 was discovered to contain a segmentation fault via the component mlir::Block::getArgument.
local
low complexity
llvm CWE-125
5.5
2023-05-05 CVE-2023-29934 Out-of-bounds Read vulnerability in Llvm 20221122
llvm-project commit 6c01b5c was discovered to contain a segmentation fault via the component mlir::Type::getDialect().
local
low complexity
llvm CWE-125
5.5
2023-05-05 CVE-2023-29935 Reachable Assertion vulnerability in Llvm 20221123
llvm-project commit a0138390 was discovered to contain an assertion failure at !replacements.count(op) && "operation was already replaced.
local
low complexity
llvm CWE-617
5.5
2023-05-05 CVE-2023-29939 Out-of-bounds Read vulnerability in Llvm 20230112
llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::spirv::TargetEnv::TargetEnv(mlir::spirv::TargetEnvAttr).
local
low complexity
llvm CWE-125
5.5
2023-05-05 CVE-2023-29941 Out-of-bounds Read vulnerability in Llvm 20230112
llvm-project commit a0138390 was discovered to contain a segmentation fault via the component matchAndRewriteSortOp<mlir::sparse_tensor::SortOp>(mlir::sparse_tensor::SortOp.
local
low complexity
llvm CWE-125
5.5
2023-05-05 CVE-2023-29942 Out-of-bounds Read vulnerability in Llvm 20230112
llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::Type::isa<mlir::LLVM::LLVMVoidType.
local
low complexity
llvm CWE-125
5.5
2023-03-27 CVE-2023-26924 Classic Buffer Overflow vulnerability in Llvm 20230122
LLVM a0dab4950 has a segmentation fault in mlir::outlineSingleBlockRegion.
local
low complexity
llvm CWE-120
5.5
2014-04-23 CVE-2014-2893 Link Following vulnerability in multiple products
The GetHTMLRunDir function in the scan-build utility in Clang 3.5 and earlier allows local users to obtain sensitive information or overwrite arbitrary files via a symlink attack on temporary directories with predictable names.
1.9