cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-1377,https://securityvulnerability.io/vulnerability/CVE-2025-1377,Denial of Service Vulnerability in GNU elfutils Product by GNU,"A denial of service vulnerability has been identified in GNU elfutils version 0.192, specifically affecting the gelf_getsymshndx function within the eu-strip component's strip.c file. This vulnerability allows local attackers to manipulate the function to cause a denial of service, potentially disrupting user access or application functionality. The issue has been publicly disclosed, and it is crucial for users to apply the recommended patch (fbf1df9ca286de3323ae541973b08449f8d03aba) to mitigate any risks. Proper action should be undertaken to safeguard systems from potential exploitation.",Gnu,Elfutils,4.8,MEDIUM,0.0004400000034365803,false,,false,false,true,2025-02-17T05:00:19.000Z,true,false,false,,2025-02-17T05:00:19.288Z,0
CVE-2025-1376,https://securityvulnerability.io/vulnerability/CVE-2025-1376,Denial of Service Vulnerability in GNU elfutils Eu-Strip Library,"A problematic vulnerability has been identified in the GNU elfutils library, specifically within the eu-strip component's elf_strptr function. This flaw allows local attackers to trigger a denial of service by manipulating the library's handling of specific inputs. The complexity of executing this attack is high, suggesting that skilled adversaries may be required for successful exploitation.
Following the disclosure of this vulnerability, it is critical to apply the recommended patch (b16f441cca0a4841050e3215a9f120a6d8aea918) promptly to mitigate risks.",Gnu,Elfutils,2,LOW,0.0004400000034365803,false,,false,false,true,2025-02-17T04:31:08.000Z,true,false,false,,2025-02-17T04:31:08.264Z,0
CVE-2025-1372,https://securityvulnerability.io/vulnerability/CVE-2025-1372,Buffer Overflow Vulnerability in GNU elfutils eu-readelf Component,"A buffer overflow vulnerability exists in the eu-readelf component of GNU elfutils version 0.192, specifically in the dump_data_section/print_string_section function in readelf.c. This vulnerability stems from the improper handling of arguments which leads to a buffer overflow condition. This issue requires local access for exploitation and has been made public, presenting potential risks for systems running this software. Applying the available patch (identifier: 73db9d2021cab9e23fd734b0a76a612d52a6f1db) is crucial to mitigate the risk associated with this vulnerability.",Gnu,Elfutils,4.8,MEDIUM,0.0004400000034365803,false,,false,false,true,2025-02-17T03:00:36.000Z,true,false,false,,2025-02-17T03:00:36.624Z,0
CVE-2025-1371,https://securityvulnerability.io/vulnerability/CVE-2025-1371,Null Pointer Dereference in GNU elfutils Affects readelf Functionality,"A vulnerability exists in GNU elfutils version 0.192, specifically within the handle_dynamic_symtab function located in readelf.c. This flaw can lead to a null pointer dereference, which may allow an attacker to exploit the application locally. Public disclosure of the exploit has occurred, indicating a potential risk for systems utilizing this version.
To mitigate this issue, a patch has been provided identified by the hash b38e562a4c907e08171c76b8b2def8464d5a104a, which is recommended for immediate application.",Gnu,Elfutils,4.8,MEDIUM,0.0004400000034365803,false,,false,false,true,2025-02-17T02:31:07.000Z,true,false,false,,2025-02-17T02:31:07.921Z,0
CVE-2025-1365,https://securityvulnerability.io/vulnerability/CVE-2025-1365,Buffer Overflow Vulnerability in GNU elfutils eu-readelf,"A vulnerability in GNU elfutils version 0.192 has been discovered affecting the eu-readelf component, specifically in the process_symtab function within the readelf.c file. This vulnerability allows for a buffer overflow condition when manipulating the D/a argument, requiring local access for exploitation. The issue has been publicly disclosed, indicating that attackers may leverage this vulnerability. To mitigate potential risks, a patch is available and should be applied promptly.",Gnu,Elfutils,4.8,MEDIUM,0.0004400000034365803,false,,false,false,true,2025-02-17T00:15:00.000Z,true,false,false,,2025-02-17T00:15:00.000Z,0
CVE-2025-1352,https://securityvulnerability.io/vulnerability/CVE-2025-1352,Memory Corruption Vulnerability in GNU elfutils eu-readelf by GNU,"A vulnerability exists in the GNU elfutils library, specifically within the eu-readelf component's function __libdw_thread_tail, which can lead to memory corruption. Attackers can potentially exploit this vulnerability remotely by manipulating the argument 'w'. While the complexity of the attack is considered high, the exploit has been publicly disclosed, raising concerns for users.
It is essential for system administrators to apply the patch (identified as 2636426a091bd6c6f7f02e49ab20d4cdc6bfc753) to mitigate potential risks associated with this vulnerability.",Gnu,Elfutils,2.3,LOW,0.0007300000288523734,false,,false,false,true,2025-02-16T14:31:14.000Z,true,false,false,,2025-02-16T14:31:14.650Z,0
CVE-2025-1182,https://securityvulnerability.io/vulnerability/CVE-2025-1182,Memory Corruption Vulnerability in GNU Binutils ld Component,"A memory corruption vulnerability exists in the GNU Binutils' ld component, specifically within the bfd_elf_reloc_symbol_deleted_p function found in elflink.c. This vulnerability can be exploited remotely, allowing attackers to manipulate memory allocation under certain conditions. While the exploit has been publicly disclosed and poses a significant risk, the complexity involved in executing a successful attack is relatively high. Users are strongly advised to apply the recommended patch identified by commit b425859021d17adf62f06fb904797cf8642986ad to mitigate this security risk.",Gnu,Binutils,2.3,LOW,0.0004400000034365803,false,,false,false,true,2025-02-11T08:31:08.000Z,true,false,false,,2025-02-11T08:31:08.272Z,0
CVE-2025-1181,https://securityvulnerability.io/vulnerability/CVE-2025-1181,Memory Corruption Vulnerability in GNU Binutils by GNU,"A vulnerability in GNU Binutils version 2.43 affects the _bfd_elf_gc_mark_rsec function in the bfd/elflink.c file. This vulnerability allows for memory corruption, which can be exploited remotely. Although the complexity of the attack is considered high, attackers have publicly disclosed exploit methods.
To mitigate the risk, applying the provided patch and keeping the software updated is strongly recommended.",Gnu,Binutils,2.3,LOW,0.0004400000034365803,false,,false,false,true,2025-02-11T08:00:11.000Z,true,false,false,,2025-02-11T08:00:11.337Z,0
CVE-2025-1180,https://securityvulnerability.io/vulnerability/CVE-2025-1180,Memory Corruption in GNU Binutils Affects Remote Code Execution,"A vulnerability has been identified in GNU Binutils 2.43, specifically within the _bfd_elf_write_section_eh_frame function found in the bfd/elf-eh-frame.c file. This vulnerability facilitates remote memory corruption through complex attack vectors. While the exploitability may be challenging, its public disclosure raises concerns for potential exploitation. Users and administrators are advised to apply available patches promptly to mitigate this risk and safeguard their systems from potential threats.",Gnu,Binutils,2.3,LOW,0.0004400000034365803,false,,false,false,true,2025-02-11T07:31:06.000Z,true,false,false,,2025-02-11T07:31:06.853Z,0
CVE-2025-1179,https://securityvulnerability.io/vulnerability/CVE-2025-1179,Memory Corruption Vulnerability in GNU Binutils ld Component,"A memory corruption vulnerability has been identified in the GNU Binutils version 2.43, specifically within the bfd_putl64 function of the ld component. An attacker could potentially exploit this vulnerability to manipulate memory, affecting the stability and functionality of the software. The complexity of executing a successful attack remains high, but with the exploit disclosed to the public, vigilance is essential.
Users are strongly advised to upgrade to version 2.44 or later to mitigate risks associated with this vulnerability.",Gnu,Binutils,2.3,LOW,0.0007300000288523734,false,,false,false,true,2025-02-11T07:00:10.000Z,true,false,false,,2025-02-11T07:00:10.602Z,0
CVE-2025-1178,https://securityvulnerability.io/vulnerability/CVE-2025-1178,Memory Corruption Vulnerability in GNU Binutils by GNU,"A memory corruption vulnerability exists in the bfd_putl64 function of the libbfd.c component within GNU Binutils 2.43. This issue may be exploited remotely, potentially leading to unauthorized memory access. The complexity of launching such an attack is relatively high, making exploitation challenging. The vulnerability has been publicly disclosed, and users are advised to apply the available patch (identified as 75086e9de1707281172cc77f178e7949a4414ed0) to mitigate risks associated with this vulnerability.",Gnu,Binutils,6.3,MEDIUM,0.0004400000034365803,false,,false,false,true,2025-02-11T06:31:12.000Z,true,false,false,,2025-02-11T06:31:12.580Z,0
CVE-2025-1176,https://securityvulnerability.io/vulnerability/CVE-2025-1176,Heap-based Buffer Overflow in GNU Binutils Affects Software Functionality,"A serious vulnerability exists in GNU Binutils version 2.43, specifically within the '_bfd_elf_gc_mark_rsec' function in 'elflink.c'. This flaw can lead to a heap-based buffer overflow, allowing potential attackers to manipulate the system. Although the attack is complex and challenging to execute, its public disclosure means that it could be exploited in the wild.
To mitigate this risk, it is crucial to apply the recommended patch, identified by the commit hash 'f9978defb6fab0bd8583942d97c112b0932ac814'.",Gnu,Binutils,2.3,LOW,0.0010900000343099236,false,,false,false,true,2025-02-11T05:31:08.000Z,true,false,false,,2025-02-11T05:31:08.015Z,0
CVE-2025-1153,https://securityvulnerability.io/vulnerability/CVE-2025-1153,Memory Corruption Vulnerability in GNU Binutils by GNU,"A memory corruption vulnerability was discovered in GNU Binutils versions 2.43 and 2.44, specifically within the bfd_set_format function in file format.c. This flaw can be exploited remotely, although achieving successful exploitation requires a high level of sophistication. Users are strongly advised to upgrade to version 2.45 to mitigate the risk associated with this vulnerability. The patch addressing this issue is associated with identifier 8d97c1a53f3dc9fd8e1ccdb039b8a33d50133150.",Gnu,Binutils,2.3,LOW,0.0006000000284984708,false,,false,false,false,,false,false,false,,2025-02-10T19:00:13.010Z,0
CVE-2025-1152,https://securityvulnerability.io/vulnerability/CVE-2025-1152,Memory Leak Vulnerability in GNU Binutils by GNU,"A memory leak has been discovered in the xstrdup function within the GNU Binutils component ld, specifically in version 2.43. This vulnerability can be exploited remotely, although the complexity of execution is considered high, making the attack challenging. Users are advised to apply patches to mitigate this issue, as the exploit has been disclosed publicly.
The code maintainer noted reluctance in committing specific leak fixes to avoid destabilizing the ld component, but all known memory leak issues have been addressed in the binutils master branch.",Gnu,Binutils,2.3,LOW,0.0005200000014156103,false,,false,false,true,2025-02-10T18:00:09.000Z,true,false,false,,2025-02-10T18:00:09.779Z,0
CVE-2025-1151,https://securityvulnerability.io/vulnerability/CVE-2025-1151,Memory Leak Vulnerability in GNU Binutils by GNU,"A vulnerability has been identified in GNU Binutils version 2.43, specifically within the xmemdup function of the xmemdup.c file component of ld. This issue allows for a memory leak that can be exploited remotely, although the complexity of the attack is considered high and challenging. Despite the disclosure of the exploit to the public, it is advisable for users to promptly apply patches as outlined by the code maintainer. The maintainer has indicated that while leak fixes are available in the binutils master branch, similar fixes will not be committed to the 2.44 branch due to concerns about system stability.",Gnu,Binutils,2.3,LOW,0.0005200000014156103,false,,false,false,true,2025-02-10T17:00:10.000Z,true,false,false,,2025-02-10T17:00:10.236Z,0
CVE-2025-1150,https://securityvulnerability.io/vulnerability/CVE-2025-1150,Memory Leak Vulnerability in GNU Binutils by GNU,"A memory leak vulnerability has been identified in GNU Binutils 2.43, specifically in the bfd_malloc function located in libbfd.c of the component ld. This flaw allows remote attackers to potentially exploit the vulnerability to create a persistent memory leak, which can degrade system performance and stability over time. While the complexity of executing this attack is relatively high, the information about this issue has been made publicly available, increasing its risk of exploitation.
It is essential that users apply the recommended patches to mitigate this vulnerability, as the code maintainer has indicated that some fixes related to the memory leak will not be included in the 2.44 branch to avoid destabilizing ld.",Gnu,Binutils,2.3,LOW,0.0005200000014156103,false,,false,false,true,2025-02-10T16:31:07.000Z,true,false,false,,2025-02-10T16:31:07.343Z,0
CVE-2025-1149,https://securityvulnerability.io/vulnerability/CVE-2025-1149,Remote Memory Leak Vulnerability in GNU Binutils by GNU,"A remote memory leak vulnerability exists in GNU Binutils version 2.43, specifically within the xstrdup function in libiberty/xmalloc.c of the ld component. The vulnerability can be exploited remotely, making it a risk for systems utilizing this version. Although the complexity of successfully executing an attack is relatively high, the disclosed exploit has been made publicly accessible. It is essential to apply patches to mitigate this vulnerability, though the maintainer has indicated caution in committing leak fixes to the 2.44 branch, prioritizing system stability. All reported leaks have been resolved in the binutils master branch.",Gnu,Binutils,2.3,LOW,0.0005200000014156103,false,,false,false,true,2025-02-10T14:31:07.000Z,true,false,false,,2025-02-10T14:31:07.377Z,0
CVE-2025-1148,https://securityvulnerability.io/vulnerability/CVE-2025-1148,Memory Leak in GNU Binutils Affects Remote Functionality,"A memory leak vulnerability was identified in GNU Binutils version 2.43, specifically within the link_order_scan function of the ld/ldelfgen.c file. This vulnerability allows for the potential manipulation and leakage of memory data, which could be exploited remotely. The complexity of successfully executing an attack is considered high, and while the exploit details have been publicly disclosed, actual exploitation remains challenging.
The maintainer has indicated that due to stability concerns, certain leak fixes might not be incorporated into the official 2.44 branch, although all reported issues have been resolved in the development master branch. Users are strongly advised to patch their systems to mitigate this risk.",Gnu,Binutils,2.3,LOW,0.0006000000284984708,false,,false,false,true,2025-02-10T14:00:12.000Z,true,false,false,,2025-02-10T14:00:12.091Z,0
CVE-2025-1147,https://securityvulnerability.io/vulnerability/CVE-2025-1147,Buffer Overflow in GNU Binutils nm Component from GNU,"A vulnerability exists in the GNU Binutils 2.43 within the nm component, specifically in the __sanitizer::internal_strlen function. This issue can lead to a buffer overflow due to improper handling of the input argument, allowing potential attackers to execute remote attacks. While the complexity of launching such an attack is notably high, the exploitation possibilities have been publicly disclosed, raising concerns for users relying on this product.",Gnu,Binutils,2.3,LOW,0.0006000000284984708,false,,false,false,true,2025-02-10T13:31:07.000Z,true,false,false,,2025-02-10T13:31:07.649Z,0
CVE-2025-0840,https://securityvulnerability.io/vulnerability/CVE-2025-0840,Stack-Based Buffer Overflow in GNU Binutils Affects Remote Functionality,"A vulnerability has been identified in GNU Binutils versions up to 2.43, specifically in the disassemble_bytes function located within the objdump.c file. This issue arises from improper manipulation of the argument buffer, leading to a stack-based buffer overflow. Attackers may exploit this vulnerability remotely, although the complexity of executing the attack is relatively high. Public disclosure of the exploit has occurred, highlighting the urgency for potential mitigation. Users are advised to upgrade to version 2.44 or later to resolve this security concern.
For more details, reference the patch identified by baac6c221e9d69335bf41366a1c7d87d8ab2f893.",Gnu,Binutils,6.3,MEDIUM,0.0007300000288523734,false,,false,false,true,2025-01-29T20:00:11.000Z,true,false,false,,2025-01-29T20:00:11.944Z,0
CVE-2025-0395,https://securityvulnerability.io/vulnerability/CVE-2025-0395,Buffer Overflow Vulnerability in GNU C Library Affecting Multiple Versions,"The GNU C Library's assert() function in versions 2.13 to 2.40 has a flaw in its handling of assertion failure messages. When this function fails, it inadequately allocates space for both the message string and its associated size information. This can lead to a buffer overflow condition if the size of the failure message aligns with the page size, potentially allowing attackers to write outside the bounds of allocated memory, leading to exploitability and instability.",The Gnu C Library,Glibc,7.5,HIGH,0.00044999999227002263,false,,false,false,false,,false,false,false,,2025-01-22T13:11:30.406Z,276
CVE-2024-57360,https://securityvulnerability.io/vulnerability/CVE-2024-57360,Incorrect Access Control in GNU Binutils nm Tool,"The GNU Binutils nm tool, specifically versions 2.43 and later, is affected by a significant security vulnerability that stems from improper access control within its functionality. This issue can be exploited locally, particularly through the `nm --without-symbol-version` operation. Attackers leveraging this flaw may gain unauthorized access to sensitive data, compromising system integrity and security.",GNU,Binutils,7.7,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T00:00:00.000Z,0
CVE-2024-56737,https://securityvulnerability.io/vulnerability/CVE-2024-56737,Heap-Based Buffer Overflow in GNU GRUB2 Affected by Malicious HFS Filesystem Data,"A vulnerability exists in GNU GRUB2 (version 2.12) that is triggered by a heap-based buffer overflow.
This flaw can be exploited if an attacker uses specially crafted sblock data within an HFS filesystem. Such an exploitation may lead to unauthorized access or corruption of memory, impacting the stability and security of systems utilizing this bootloader. Addressing this issue promptly is crucial for maintaining system integrity and protecting against potential threats.",Gnu,Grub2,8.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2024-12-29T00:00:00.000Z,0
CVE-2024-56738,https://securityvulnerability.io/vulnerability/CVE-2024-56738,Side-Channel Vulnerability in GNU GRUB Affects Multiple Versions,"The vulnerability in GNU GRUB affects versions prior to 2.12 due to the use of a non-constant-time algorithm in the grub_crypto_memcmp function. This imperfection opens the door for potential side-channel attacks, where attackers might exploit differences in processing time to infer sensitive information. Such vulnerabilities can significantly compromise the security of boot processes and the overall integrity of systems relying on GRUB for initialization.",Gnu,Grub2,5.3,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2024-12-29T00:00:00.000Z,0
CVE-2024-53589,https://securityvulnerability.io/vulnerability/CVE-2024-53589,Buffer Overflow Vulnerability in GNU objdump by GNU,"The GNU objdump tool, particularly version 2.43, is prone to a buffer overflow vulnerability in the BFD library when processing tekhex format files. This flaw could allow attackers to potentially exploit the handling of malformed input files, leading to unexpected behavior or crashes in the application, allowing for unauthorized access or further exploitation within the system. Users are advised to update to the latest version and apply relevant security patches to mitigate this risk.",GNU,objdump,,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-05T00:00:00.000Z,0