VYPR
Vendor

Llvm

Products
3
CVEs
13
Across products
14
Status
Private

Products

3

Recent CVEs

13
  • CVE-2026-46250HigJun 3, 2026
    risk 0.40cvss 7.3epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: MIPS: Work around LLVM bug when gp is used as global register variable On MIPS, __current_thread_info is defined as global register variable locating in $gp, and is simply assigned with new address during…

  • CVE-2023-46049MedMar 27, 2024
    risk 0.34cvss 5.3epss 0.01

    LLVM 15.0.0 has a NULL pointer dereference in the parseOneMetadata() function via a crafted pdflatex.fmt file (or perhaps a crafted .o file) to llvm-lto. NOTE: this is disputed because the relationship between pdflatex.fmt and any LLVM language front end is not explained, and…

  • CVE-2024-31852MedApr 5, 2024
    risk 0.31cvss 5.9epss 0.01

    LLVM before 18.1.3 generates code in which the LR register can be overwritten without data being saved to the stack, and thus there can sometimes be an exploitable error in the flow of control. This affects the ARM backend and can be demonstrated with Clang. NOTE: the vendor…

  • CVE-2026-13574Jun 30, 2026
    risk 0.00cvss epss 0.00

    A vulnerability was determined in llvm llvm-project up to 22.1.6. This impacts the function GCRelocateInst::getBasePtr in the library llvm/lib/IR/IntrinsicInst.cpp of the component Bitcode File Handler. This manipulation causes heap-based buffer overflow. It is possible to…

  • CVE-2026-13573Jun 30, 2026
    risk 0.00cvss epss 0.00

    A vulnerability was found in llvm llvm-project up to 22.1.6. This affects the function llvm::StringMap::insert in the library /lib/IR/ValueSymbolTable.cpp of the component ValueSymbolTable Module. The manipulation results in stack-based buffer overflow. Attacking locally is a…

  • CVE-2023-29941May 5, 2023
    risk 0.00cvss epss 0.00

    llvm-project commit a0138390 was discovered to contain a segmentation fault via the component matchAndRewriteSortOp<mlir::sparse_tensor::SortOp>(mlir::sparse_tensor::SortOp.

  • CVE-2023-29942May 5, 2023
    risk 0.00cvss epss 0.00

    llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::Type::isa<mlir::LLVM::LLVMVoidType.

  • CVE-2023-29933May 5, 2023
    risk 0.00cvss epss 0.00

    llvm-project commit bd456297 was discovered to contain a segmentation fault via the component mlir::Block::getArgument.

  • CVE-2023-29932May 5, 2023
    risk 0.00cvss epss 0.00

    llvm-project commit fdbc55a5 was discovered to contain a segmentation fault via the component mlir::IROperand<mlir::OpOperand.

  • CVE-2023-29935May 5, 2023
    risk 0.00cvss epss 0.00

    llvm-project commit a0138390 was discovered to contain an assertion failure at !replacements.count(op) && "operation was already replaced.

  • CVE-2023-29934May 5, 2023
    risk 0.00cvss epss 0.00

    llvm-project commit 6c01b5c was discovered to contain a segmentation fault via the component mlir::Type::getDialect().

  • CVE-2015-3027Apr 10, 2015
    risk 0.00cvss epss 0.01

    Clang in LLVM, as used in Apple Xcode before 6.3, performs incorrect register allocation in a way that triggers stack storage for stack cookie pointers, which might allow context-dependent attackers to bypass a stack-guard protection mechanism via crafted input to an affected C…

  • CVE-2014-2893Apr 23, 2014
    risk 0.00cvss epss 0.00

    The GetHTMLRunDir function in the scan-build utility in Clang 3.5 and earlier allows local users to obtain sensitive information or overwrite arbitrary files via a symlink attack on temporary directories with predictable names.