Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eglibc eglibc vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2015-8984
The fnmatch function in the GNU C Library (aka glibc or libc6) prior to 2.22 might allow context-dependent malicious users to cause a denial of service (application crash) via a malformed pattern, which triggers an out-of-bounds read.
Gnu Glibc
5.9
CVSSv3
CVE-2016-4429
Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP and UDP packets.
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Gnu Glibc
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
1 Article
5.5
CVSSv3
CVE-2015-8777
The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) prior to 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable.
Gnu Glibc
NA
CVE-2015-5277
The get_contents function in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) prior to 2.20 might allow local users to cause a denial of service (heap corruption) or gain privileges via a long line in the NSS files database.
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Hpc Node 7.0
Gnu Glibc
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
NA
CVE-2014-8121
DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and previous versions does not properly check if a file is open, which allows remote malicious users to cause a denial of service (infinite loop) by performing a look-up...
Suse Suse Linux Enterprise Server 11.0
Suse Suse Linux Enterprise Desktop 11
Gnu Glibc
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
NA
CVE-2014-9402
The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) prior to 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote malicious users to cause a denial of service (infinite loop) by sending a positive answer while a network...
Gnu Glibc
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 10.04
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
NA
CVE-2012-6656
iconvdata/ibm930.c in GNU C Library (aka glibc) prior to 2.16 allows context-dependent malicious users to cause a denial of service (out-of-bounds read) via a multibyte character value of "0xffff" to the iconv function when converting IBM930 encoded data to UTF-8.
Debian Debian Linux 7.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 10.04
Gnu Glibc
NA
CVE-2014-7817
The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent malicious users to execute arbitrary commands, as demonstrated by input containing "$((`...`))".
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 10.04
Debian Debian Linux 7.0
Gnu Glibc 2.21
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
NA
CVE-2011-2702
Integer signedness error in Glibc prior to 2.13 and eglibc prior to 2.13, when using Supplemental Streaming SIMD Extensions 3 (SSSE3) optimization, allows context-dependent malicious users to execute arbitrary code via a negative length parameter to (1) memcpy-ssse3-rep.S, (2) me...
Gnu Glibc 2.12.1
Gnu Glibc
Gnu Glibc 2.12
Gnu Eglibc
1 EDB exploit
NA
CVE-2014-4043
The posix_spawn_file_actions_addopen function in glibc prior to 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent malicious users to trigger use-after-free vulnerabilities.
Gnu Glibc
Opensuse Opensuse 13.1
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »