Gcc
Products
2- 5 CVEs
- 1 CVE
Recent CVEs
6| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-37322 | Hig | 0.51 | 7.8 | 0.01 | Nov 18, 2021 | GCC c++filt v2.26 was discovered to contain a use-after-free vulnerability via the component cplus-dem.c. | ||
| CVE-2002-2439 | Hig | 0.51 | 7.8 | 0.01 | Oct 23, 2019 | Integer overflow in the new[] operator in gcc before 4.8.0 allows attackers to have unspecified impacts. | ||
| CVE-2016-4973 | Hig | 0.51 | 7.8 | 0.00 | Jun 7, 2017 | Binaries compiled against targets that use the libssp library in GCC for stack smashing protection (SSP) might allow local users to perform buffer overflow attacks by leveraging lack of the Object Size Checking feature. | ||
| CVE-2021-46195 | Med | 0.36 | 5.5 | 0.01 | Jan 14, 2022 | GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service (DoS) by consuming excessive CPU and memory resources. | ||
| CVE-2023-4039 | Med | 0.31 | 4.8 | 0.01 | Sep 13, 2023 | **DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in your application without this being detected. This stack-protector failure only… | ||
| CVE-1999-1439 | 0.00 | — | 0.00 | Jan 2, 1998 | gcc 2.7.2 allows local users to overwrite arbitrary files via a symlink attack on temporary .i, .s, or .o files. |
- risk 0.51cvss 7.8epss 0.01
GCC c++filt v2.26 was discovered to contain a use-after-free vulnerability via the component cplus-dem.c.
- risk 0.51cvss 7.8epss 0.01
Integer overflow in the new[] operator in gcc before 4.8.0 allows attackers to have unspecified impacts.
- risk 0.51cvss 7.8epss 0.00
Binaries compiled against targets that use the libssp library in GCC for stack smashing protection (SSP) might allow local users to perform buffer overflow attacks by leveraging lack of the Object Size Checking feature.
- risk 0.36cvss 5.5epss 0.01
GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service (DoS) by consuming excessive CPU and memory resources.
- risk 0.31cvss 4.8epss 0.01
**DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in your application without this being detected. This stack-protector failure only…
- CVE-1999-1439Jan 2, 1998risk 0.00cvss —epss 0.00
gcc 2.7.2 allows local users to overwrite arbitrary files via a symlink attack on temporary .i, .s, or .o files.