cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-1182,https://securityvulnerability.io/vulnerability/CVE-2025-1182,Memory Corruption Vulnerability in GNU Binutils ld Component,"A memory corruption vulnerability exists in the GNU Binutils' ld component, specifically within the bfd_elf_reloc_symbol_deleted_p function found in elflink.c. This vulnerability can be exploited remotely, allowing attackers to manipulate memory allocation under certain conditions. While the exploit has been publicly disclosed and poses a significant risk, the complexity involved in executing a successful attack is relatively high. Users are strongly advised to apply the recommended patch identified by commit b425859021d17adf62f06fb904797cf8642986ad to mitigate this security risk.",Gnu,Binutils,2.3,LOW,0.0004400000034365803,false,,false,false,true,2025-02-11T08:31:08.000Z,true,false,false,,2025-02-11T08:31:08.272Z,0
CVE-2025-1181,https://securityvulnerability.io/vulnerability/CVE-2025-1181,Memory Corruption Vulnerability in GNU Binutils by GNU,"A vulnerability in GNU Binutils version 2.43 affects the _bfd_elf_gc_mark_rsec function in the bfd/elflink.c file. This vulnerability allows for memory corruption, which can be exploited remotely. Although the complexity of the attack is considered high, attackers have publicly disclosed exploit methods. To mitigate the risk, applying the provided patch and keeping the software updated is strongly recommended.",Gnu,Binutils,2.3,LOW,0.0004400000034365803,false,,false,false,true,2025-02-11T08:00:11.000Z,true,false,false,,2025-02-11T08:00:11.337Z,0
CVE-2025-1180,https://securityvulnerability.io/vulnerability/CVE-2025-1180,Memory Corruption in GNU Binutils Affects Remote Code Execution,"A vulnerability has been identified in GNU Binutils 2.43, specifically within the _bfd_elf_write_section_eh_frame function found in the bfd/elf-eh-frame.c file. This vulnerability facilitates remote memory corruption through complex attack vectors. While the exploitability may be challenging, its public disclosure raises concerns for potential exploitation. Users and administrators are advised to apply available patches promptly to mitigate this risk and safeguard their systems from potential threats.",Gnu,Binutils,2.3,LOW,0.0004400000034365803,false,,false,false,true,2025-02-11T07:31:06.000Z,true,false,false,,2025-02-11T07:31:06.853Z,0
CVE-2025-1179,https://securityvulnerability.io/vulnerability/CVE-2025-1179,Memory Corruption Vulnerability in GNU Binutils ld Component,"A memory corruption vulnerability has been identified in the GNU Binutils version 2.43, specifically within the bfd_putl64 function of the ld component. An attacker could potentially exploit this vulnerability to manipulate memory, affecting the stability and functionality of the software. The complexity of executing a successful attack remains high, but with the exploit disclosed to the public, vigilance is essential. Users are strongly advised to upgrade to version 2.44 or later to mitigate risks associated with this vulnerability.",Gnu,Binutils,2.3,LOW,0.0007300000288523734,false,,false,false,true,2025-02-11T07:00:10.000Z,true,false,false,,2025-02-11T07:00:10.602Z,0
CVE-2025-1178,https://securityvulnerability.io/vulnerability/CVE-2025-1178,Memory Corruption Vulnerability in GNU Binutils by GNU,"A memory corruption vulnerability exists in the bfd_putl64 function of the libbfd.c component within GNU Binutils 2.43. This issue may be exploited remotely, potentially leading to unauthorized memory access. The complexity of launching such an attack is relatively high, making exploitation challenging. The vulnerability has been publicly disclosed, and users are advised to apply the available patch (identified as 75086e9de1707281172cc77f178e7949a4414ed0) to mitigate risks associated with this vulnerability.",Gnu,Binutils,6.3,MEDIUM,0.0004400000034365803,false,,false,false,true,2025-02-11T06:31:12.000Z,true,false,false,,2025-02-11T06:31:12.580Z,0
CVE-2025-1176,https://securityvulnerability.io/vulnerability/CVE-2025-1176,Heap-based Buffer Overflow in GNU Binutils Affects Software Functionality,"A serious vulnerability exists in GNU Binutils version 2.43, specifically within the '_bfd_elf_gc_mark_rsec' function in 'elflink.c'. This flaw can lead to a heap-based buffer overflow, allowing potential attackers to manipulate the system. Although the attack is complex and challenging to execute, its public disclosure means that it could be exploited in the wild. To mitigate this risk, it is crucial to apply the recommended patch, identified by the commit hash 'f9978defb6fab0bd8583942d97c112b0932ac814'.",Gnu,Binutils,2.3,LOW,0.0010900000343099236,false,,false,false,true,2025-02-11T05:31:08.000Z,true,false,false,,2025-02-11T05:31:08.015Z,0
CVE-2025-1153,https://securityvulnerability.io/vulnerability/CVE-2025-1153,Memory Corruption Vulnerability in GNU Binutils by GNU,"A memory corruption vulnerability was discovered in GNU Binutils versions 2.43 and 2.44, specifically within the bfd_set_format function in file format.c. This flaw can be exploited remotely, although achieving successful exploitation requires a high level of sophistication. Users are strongly advised to upgrade to version 2.45 to mitigate the risk associated with this vulnerability. The patch addressing this issue is associated with identifier 8d97c1a53f3dc9fd8e1ccdb039b8a33d50133150.",Gnu,Binutils,2.3,LOW,0.0006000000284984708,false,,false,false,false,,false,false,false,,2025-02-10T19:00:13.010Z,0
CVE-2025-1152,https://securityvulnerability.io/vulnerability/CVE-2025-1152,Memory Leak Vulnerability in GNU Binutils by GNU,"A memory leak has been discovered in the xstrdup function within the GNU Binutils component ld, specifically in version 2.43. This vulnerability can be exploited remotely, although the complexity of execution is considered high, making the attack challenging. Users are advised to apply patches to mitigate this issue, as the exploit has been disclosed publicly. The code maintainer noted reluctance in committing specific leak fixes to avoid destabilizing the ld component, but all known memory leak issues have been addressed in the binutils master branch.",Gnu,Binutils,2.3,LOW,0.0005200000014156103,false,,false,false,true,2025-02-10T18:00:09.000Z,true,false,false,,2025-02-10T18:00:09.779Z,0
CVE-2025-1151,https://securityvulnerability.io/vulnerability/CVE-2025-1151,Memory Leak Vulnerability in GNU Binutils by GNU,"A vulnerability has been identified in GNU Binutils version 2.43, specifically within the xmemdup function of the xmemdup.c file component of ld. This issue allows for a memory leak that can be exploited remotely, although the complexity of the attack is considered high and challenging. Despite the disclosure of the exploit to the public, it is advisable for users to promptly apply patches as outlined by the code maintainer. The maintainer has indicated that while leak fixes are available in the binutils master branch, similar fixes will not be committed to the 2.44 branch due to concerns about system stability.",Gnu,Binutils,2.3,LOW,0.0005200000014156103,false,,false,false,true,2025-02-10T17:00:10.000Z,true,false,false,,2025-02-10T17:00:10.236Z,0
CVE-2025-1150,https://securityvulnerability.io/vulnerability/CVE-2025-1150,Memory Leak Vulnerability in GNU Binutils by GNU,"A memory leak vulnerability has been identified in GNU Binutils 2.43, specifically in the bfd_malloc function located in libbfd.c of the component ld. This flaw allows remote attackers to potentially exploit the vulnerability to create a persistent memory leak, which can degrade system performance and stability over time. While the complexity of executing this attack is relatively high, the information about this issue has been made publicly available, increasing its risk of exploitation. It is essential that users apply the recommended patches to mitigate this vulnerability, as the code maintainer has indicated that some fixes related to the memory leak will not be included in the 2.44 branch to avoid destabilizing ld.",Gnu,Binutils,2.3,LOW,0.0005200000014156103,false,,false,false,true,2025-02-10T16:31:07.000Z,true,false,false,,2025-02-10T16:31:07.343Z,0
CVE-2025-1149,https://securityvulnerability.io/vulnerability/CVE-2025-1149,Remote Memory Leak Vulnerability in GNU Binutils by GNU,"A remote memory leak vulnerability exists in GNU Binutils version 2.43, specifically within the xstrdup function in libiberty/xmalloc.c of the ld component. The vulnerability can be exploited remotely, making it a risk for systems utilizing this version. Although the complexity of successfully executing an attack is relatively high, the disclosed exploit has been made publicly accessible. It is essential to apply patches to mitigate this vulnerability, though the maintainer has indicated caution in committing leak fixes to the 2.44 branch, prioritizing system stability. All reported leaks have been resolved in the binutils master branch.",Gnu,Binutils,2.3,LOW,0.0005200000014156103,false,,false,false,true,2025-02-10T14:31:07.000Z,true,false,false,,2025-02-10T14:31:07.377Z,0
CVE-2025-1148,https://securityvulnerability.io/vulnerability/CVE-2025-1148,Memory Leak in GNU Binutils Affects Remote Functionality,"A memory leak vulnerability was identified in GNU Binutils version 2.43, specifically within the link_order_scan function of the ld/ldelfgen.c file. This vulnerability allows for the potential manipulation and leakage of memory data, which could be exploited remotely. The complexity of successfully executing an attack is considered high, and while the exploit details have been publicly disclosed, actual exploitation remains challenging. The maintainer has indicated that due to stability concerns, certain leak fixes might not be incorporated into the official 2.44 branch, although all reported issues have been resolved in the development master branch. Users are strongly advised to patch their systems to mitigate this risk.",Gnu,Binutils,2.3,LOW,0.0006000000284984708,false,,false,false,true,2025-02-10T14:00:12.000Z,true,false,false,,2025-02-10T14:00:12.091Z,0
CVE-2025-1147,https://securityvulnerability.io/vulnerability/CVE-2025-1147,Buffer Overflow in GNU Binutils nm Component from GNU,"A vulnerability exists in the GNU Binutils 2.43 within the nm component, specifically in the __sanitizer::internal_strlen function. This issue can lead to a buffer overflow due to improper handling of the input argument, allowing potential attackers to execute remote attacks. While the complexity of launching such an attack is notably high, the exploitation possibilities have been publicly disclosed, raising concerns for users relying on this product.",Gnu,Binutils,2.3,LOW,0.0006000000284984708,false,,false,false,true,2025-02-10T13:31:07.000Z,true,false,false,,2025-02-10T13:31:07.649Z,0
CVE-2025-0840,https://securityvulnerability.io/vulnerability/CVE-2025-0840,Stack-Based Buffer Overflow in GNU Binutils Affects Remote Functionality,"A vulnerability has been identified in GNU Binutils versions up to 2.43, specifically in the disassemble_bytes function located within the objdump.c file. This issue arises from improper manipulation of the argument buffer, leading to a stack-based buffer overflow. Attackers may exploit this vulnerability remotely, although the complexity of executing the attack is relatively high. Public disclosure of the exploit has occurred, highlighting the urgency for potential mitigation. Users are advised to upgrade to version 2.44 or later to resolve this security concern. For more details, reference the patch identified by baac6c221e9d69335bf41366a1c7d87d8ab2f893.",Gnu,Binutils,6.3,MEDIUM,0.0007300000288523734,false,,false,false,true,2025-01-29T20:00:11.000Z,true,false,false,,2025-01-29T20:00:11.944Z,0
CVE-2022-47696,https://securityvulnerability.io/vulnerability/CVE-2022-47696,Denial of Service Vulnerability in Binutils Objdump by Sourceware,"A vulnerability has been identified in Binutils objdump versions prior to 2.39.3, which allows attackers to exploit the function compare_symbols. This exploitation can lead to denial of service or other unspecified impacts, potentially disrupting services that rely on this tool.",Gnu,Binutils,7.8,HIGH,0.0008500000112690032,false,,false,false,false,,,false,false,,2023-08-22T00:00:00.000Z,0
CVE-2022-48064,https://securityvulnerability.io/vulnerability/CVE-2022-48064,Excessive Memory Consumption in GNU Binutils Affecting Security Functionality,"An excessive memory consumption vulnerability exists in GNU Binutils prior to version 2.40, stemming from the function bfd_dwarf2_find_nearest_line_with_alt in dwarf2.c. Successfully exploiting this vulnerability requires an attacker to provide a specially crafted ELF file, potentially leading to a disruption of services through a DNS attack. Users are advised to upgrade to the latest version to mitigate this risk.",Gnu,Binutils,5.5,MEDIUM,0.0007800000021234155,false,,false,false,false,,,false,false,,2023-08-22T00:00:00.000Z,0
CVE-2022-35206,https://securityvulnerability.io/vulnerability/CVE-2022-35206,Null Pointer Dereference Vulnerability in Binutils by GNU,"A null pointer dereference vulnerability exists in the readelf utility of Binutils version 2.38.50. This flaw is triggered through the read_and_display_attr_value function in the dwarf.c file, which can allow an attacker to cause a denial of service by exploiting this weakness. Proper validation of input is essential to mitigate the risks associated with this vulnerability.",Gnu,Binutils,5.5,MEDIUM,0.0004900000058114529,false,,false,false,false,,,false,false,,2023-08-22T00:00:00.000Z,0
CVE-2022-44840,https://securityvulnerability.io/vulnerability/CVE-2022-44840,Heap Buffer Overflow in Binutils Readelf Affects Sourceware,"A heap buffer overflow vulnerability exists in Binutils Readelf prior to version 2.40. This issue arises from the function find_section_in_set in readelf.c, which may allow an attacker to exploit memory corruption. Proper handling of dynamic memory allocation is crucial to prevent potential impacts on system integrity and security. Implementing updates and patches is essential to mitigate this risk.",Gnu,Binutils,7.8,HIGH,0.0008500000112690032,false,,false,false,false,,,false,false,,2023-08-22T00:00:00.000Z,0
CVE-2022-45703,https://securityvulnerability.io/vulnerability/CVE-2022-45703,Heap Buffer Overflow in Readelf Tool from GNU Binutils,"A heap buffer overflow vulnerability exists in the readelf utility of GNU Binutils prior to version 2.40. This issue is caused by improper handling in the display_debug_section function within the readelf.c source file. An attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service on affected systems, thereby compromising the security of applications using the binutils suite.",Gnu,Binutils,7.8,HIGH,0.0007800000021234155,false,,false,false,false,,,false,false,,2023-08-22T00:00:00.000Z,0
CVE-2022-48065,https://securityvulnerability.io/vulnerability/CVE-2022-48065,Memory Leak Vulnerability in GNU Binutils Affects Multiple Versions,"A memory leak vulnerability has been identified in GNU Binutils versions prior to 2.40. The flaw is located in the function find_abstract_instance within the dwarf2.c file, potentially allowing attackers to consume system resources and affect application performance. Users are advised to update to the latest version to mitigate risks associated with this vulnerability.",Gnu,Binutils,5.5,MEDIUM,0.0007399999885819852,false,,false,false,false,,,false,false,,2023-08-22T00:00:00.000Z,0
CVE-2020-35342,https://securityvulnerability.io/vulnerability/CVE-2020-35342,Uninitialized Heap Vulnerability in GNU Binutils Affects Information Security,"An uninitialized heap vulnerability exists in the GNU Binutils prior to version 2.34, specifically in the tic4x_print_cond function within the opcodes/tic4x-dis.c file. This flaw could potentially allow attackers to exploit the state of heap memory, leading to unauthorized information disclosure. Attackers may leverage this weakness to obtain sensitive data that should remain inaccessible, highlighting the need for timely updates and mitigation measures.",Gnu,Binutils,7.5,HIGH,0.001990000018849969,false,,false,false,false,,,false,false,,2023-08-22T00:00:00.000Z,0
CVE-2022-35205,https://securityvulnerability.io/vulnerability/CVE-2022-35205,Assertion Failure in Binutils Readelf - Denial of Service Vulnerability,"An issue has been identified in the Binutils readelf utility where an assertion failure can be triggered in the display_debug_names function. This vulnerability allows attackers to exploit the affected version, leading to a denial of service. When exploited, it can lead to unexpected application behavior or crashes, thereby impacting system stability and availability. Users of the affected product are advised to implement mitigations and update to secured versions as necessary.",Gnu,Binutils,5.5,MEDIUM,0.0005499999970197678,false,,false,false,false,,,false,false,,2023-08-22T00:00:00.000Z,0
CVE-2022-47011,https://securityvulnerability.io/vulnerability/CVE-2022-47011,Memory Leak Vulnerability in Binutils by GNU,"A memory leak vulnerability has been identified in the Binutils software package, specifically within the parse_stab_struct_fields function in stabs.c. This issue affects versions 2.34 through 2.38 and could allow attackers to exploit the vulnerability leading to denial of service as a result of memory leaks. If exploited, this could lead to significant resource consumption on affected systems.",Gnu,Binutils,5.5,MEDIUM,0.0004900000058114529,false,,false,false,false,,,false,false,,2023-08-22T00:00:00.000Z,0
CVE-2020-19724,https://securityvulnerability.io/vulnerability/CVE-2020-19724,Memory Consumption Vulnerability in GNU nm by GNU,"A memory consumption issue exists in the 'get_data' function of the GNU nm utility, prior to version 2.34. This vulnerability allows attackers to exploit crafted command inputs, leading to a denial of service by exhausting system memory. It is crucial for users of affected versions to apply necessary updates to mitigate this risk.",Gnu,Binutils,5.5,MEDIUM,0.0005499999970197678,false,,false,false,false,,,false,false,,2023-08-22T00:00:00.000Z,0
CVE-2022-47673,https://securityvulnerability.io/vulnerability/CVE-2022-47673,Out-of-Bounds Read Vulnerability in Binutils by GNU,"A vulnerability has been identified in Binutils addr2line prior to version 2.39.3, located in the function parse_module. This issue involves multiple out-of-bounds reads which may lead to a denial of service or result in other unspecified impacts, thereby compromising system stability and security. Users of the affected versions are urged to update to mitigate potential risks and ensure system integrity.",Gnu,Binutils,7.8,HIGH,0.0008500000112690032,false,,false,false,false,,,false,false,,2023-08-22T00:00:00.000Z,0