threat
engine
.sh
Back
·
··:··
Home
/
Product
/
gnu gcc
Product
gnu gcc
16 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2023-4039
< 2023-09-12
DISPUTED
A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit
4.8
MEDIUM
CVE-2021-3826
all versions
Heap/stack buffer overflow in the dlang_lname function in d-demangle.c in libiberty allows attackers to potentially cause a denial
6.5
MEDIUM
CVE-2022-27943
all versions
libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.
5.5
MEDIUM
CVE-2021-46195
all versions
GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allo
5.5
MEDIUM
CVE-2021-37322
< 10.1
GCC c++filt v2.26 was discovered to contain a use-after-free vulnerability via the component cplus-dem.c.
7.8
HIGH
CVE-2002-2439
< 4.8.0
Integer overflow in the new[] operator in gcc before 4.8.0 allows attackers to have unspecified impacts.
7.8
HIGH
CVE-2019-15847
< 7.5.0
The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsi
7.5
HIGH
CVE-2018-12886
>= 4.1 and <= 8.0
stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (und
8.1
HIGH
CVE-2017-11671
all versions
Under certain circumstances, the ix86_expand_builtin function in i386.c in GNU Compiler Collection (GCC) version 4.6, 4.7, 4.8, 4.
4.0
MEDIUM
CVE-2015-5276
< 4.9.4
The std::random_device class in libstdc++ in the GNU Compiler Collection (aka GCC) before 4.9.4 does not properly handle short rea
CVE-2013-4598
all versions
The Groups, Communities and Co (GCC) module 7.x-1.x before 7.x-1.1 for Drupal does not properly check permission, which allows rem
CVE-2008-1685
all versions
gcc 4.2.0 through 4.3.0 in GNU Compiler Collection, when casts are not used, considers the sum of a pointer and an int to be great
CVE-2008-1367
all versions
gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on
CVE-2006-1902
all versions
fold_binary in fold-const.c in GNU Compiler Collection (gcc) 4.1 improperly handles pointer overflow when folding a certain expr c
CVE-2000-1219
<= 3.3.3
The -ftrapv compiler option in gcc and g++ 3.3.3 and earlier does not handle all types of integer overflows, which may leave appli
CVE-1999-1439
all versions
gcc 2.7.2 allows local users to overwrite arbitrary files via a symlink attack on temporary .i, .s, or .o files.
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin