Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu glibc - vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-0687
A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function __monstartup of the file gmon.c of the component Call Graph Monitor. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix thi...
Gnu Glibc
9.8
CVSSv3
CVE-2023-25139
sprintf in the GNU C Library (glibc) 2.37 has a buffer overflow (out-of-bounds write) in some situations with a correct buffer size. This is unrelated to CWE-676. It may write beyond the bounds of the destination buffer when attempting to write a padded, thousands-separated strin...
Gnu Glibc 2.37
8 Github repositories
9.8
CVSSv3
CVE-2022-23218
The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) up to and including 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of ser...
Gnu Glibc
Oracle Enterprise Operations Monitor 4.3
Oracle Enterprise Operations Monitor 4.4
Oracle Enterprise Operations Monitor 5.0
Oracle Communications Cloud Native Core Unified Data Repository 22.2.0
Debian Debian Linux 10.0
1 Github repository
9.8
CVSSv3
CVE-2022-23219
The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) up to and including 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of se...
Gnu Glibc
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 22.1.0
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Network Repository Function 22.2.0
Oracle Communications Cloud Native Core Security Edge Protection Proxy 22.1.1
Oracle Communications Cloud Native Core Network Repository Function 22.1.2
Oracle Enterprise Operations Monitor 4.3
Oracle Enterprise Operations Monitor 4.4
Oracle Enterprise Operations Monitor 5.0
Oracle Communications Cloud Native Core Unified Data Repository 22.2.0
Debian Debian Linux 10.0
1 Github repository
9.8
CVSSv3
CVE-2021-33574
The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (applicat...
Gnu Glibc 2.33
Gnu Glibc 2.32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Cloud Backup -
Netapp E-series Santricity Os Controller
Netapp Solidfire Baseboard Management Controller Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Debian Debian Linux 10.0
3 Github repositories
9.8
CVSSv3
CVE-1999-0199
manual/search.texi in the GNU C Library (aka glibc) prior to 2.2 lacks a statement about the unspecified tdelete return value upon deletion of a tree's root, which might allow malicious users to access a dangling pointer in an application whose developer was unaware of a doc...
Gnu Glibc
1 Github repository
9.8
CVSSv3
CVE-2019-14271
In Docker 19.03.x prior to 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container.
Docker Docker
Debian Debian Linux 10.0
Opensuse Leap 15.0
Opensuse Leap 15.1
8 Github repositories
9.8
CVSSv3
CVE-2019-1010022
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comment...
Gnu Glibc -
1 Github repository
9.8
CVSSv3
CVE-2005-3590
The getgrouplist function in the GNU C library (glibc) before version 2.3.5, when invoked with a zero argument, writes to the passed pointer even if the specified array size is zero, leading to a buffer overflow and potentially allowing malicious users to corrupt memory.
Gnu Glibc
9.8
CVSSv3
CVE-2019-9169
In the GNU C Library (aka glibc or libc6) up to and including 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.
Gnu Glibc
Netapp Steelstore Cloud Integrated Storage -
Netapp Ontap Select Deploy Administration Utility -
Netapp Cloud Backup
Mcafee Web Gateway
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »