Skip to main content

Mingw W64

2 CVEs product

Monthly

CVE-2018-5392 HIGH This Week

mingw-w64 version 5.0.4 by default produces executables that opt in to ASLR, but are not compatible with ASLR. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Microsoft Information Disclosure Mingw W64
NVD
CVSS 3.0
7.5
EPSS
1.4%
CVE-2018-1000101 CRITICAL PATCH Act Now

Mingw-w64 version 5.0.3 and earlier, 5.0.4, 6.0.0 and 7.0.0 contains an Improper Null Termination (CWE-170) vulnerability in mingw-w64-crt (libc)->(v)snprintf that can result in The bug may be used. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Mingw W64
NVD
CVSS 3.0
9.8
EPSS
2.3%
EPSS 1% CVSS 7.5
HIGH This Week

mingw-w64 version 5.0.4 by default produces executables that opt in to ASLR, but are not compatible with ASLR. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Microsoft Information Disclosure +1
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Mingw-w64 version 5.0.3 and earlier, 5.0.4, 6.0.0 and 7.0.0 contains an Improper Null Termination (CWE-170) vulnerability in mingw-w64-crt (libc)->(v)snprintf that can result in The bug may be used. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Mingw W64
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy