Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu glibc 2.21 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-18269
An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 up to and including 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of ...
Gnu Glibc
8.1
CVSSv3
CVE-2015-8982
Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) prior to 2.21 allows context-dependent malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow.
Gnu Glibc
NA
CVE-2014-7817
The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent malicious users to execute arbitrary commands, as demonstrated by input containing "$((`...`))".
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 10.04
Debian Debian Linux 7.0
Gnu Glibc 2.21
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
NA
CVE-2014-4043
The posix_spawn_file_actions_addopen function in glibc prior to 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent malicious users to trigger use-after-free vulnerabilities.
Gnu Glibc
Opensuse Opensuse 13.1
1 Github repository
NA
CVE-2012-3406
The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent malicious users to bypass the...
Canonical Ubuntu Linux 8.04
Redhat Enterprise Linux 6.0
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Redhat Enterprise Virtualization 3.0
Redhat Enterprise Linux 5
Canonical Ubuntu Linux 12.04
Gnu Glibc 2.5
Canonical Ubuntu Linux 10.04
Gnu Glibc 2.12
NA
CVE-2014-9402
The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) prior to 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote malicious users to cause a denial of service (infinite loop) by sending a positive answer while a network...
Gnu Glibc
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 10.04
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
NA
CVE-2014-8121
DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and previous versions does not properly check if a file is open, which allows remote malicious users to cause a denial of service (infinite loop) by performing a look-up...
Suse Suse Linux Enterprise Server 11.0
Suse Suse Linux Enterprise Desktop 11
Gnu Glibc
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
NA
CVE-2012-3404
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent malicious users to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a de...
Canonical Ubuntu Linux 8.04
Redhat Enterprise Linux 6.0
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Redhat Enterprise Virtualization 3.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 10.04
Gnu Glibc 2.12
NA
CVE-2012-3405
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent malicious users to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a de...
Canonical Ubuntu Linux 8.04
Redhat Enterprise Linux 6.0
Gnu Glibc 2.14
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Redhat Enterprise Virtualization 3.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 10.04
9.8
CVSSv3
CVE-2018-11236
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and previous versions, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentiall...
Gnu Glibc
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Virtualization Host 4.0
Oracle Enterprise Communications Broker 3.0.0
Oracle Enterprise Communications Broker 3.1.0
Oracle Communications Session Border Controller 8.1.0
Oracle Communications Session Border Controller 8.2.0
Oracle Communications Session Border Controller 8.0.0
Netapp Data Ontap Edge -
Netapp Element Software Management -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »