Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bug library project bug library vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2019-14875
In the __multiply function of the newlib libc library, all versions before 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not. The access of _x[0] will trigger a null pointer...
Newlib Project Newlib
6.5
CVSSv3
CVE-2019-14876
In the __lshift function of the newlib libc library, all versions before 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not. The access to b1 will trigger a null pointer dere...
Newlib Project Newlib
6.5
CVSSv3
CVE-2019-14877
In the __mdiff function of the newlib libc library, all versions before 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate big integers, however no check is performed to verify if the allocation succeeded or not. The access to _wds and _sign will trigger a null po...
Newlib Project Newlib
6.5
CVSSv3
CVE-2019-14878
In the __d2b function of the newlib libc library, all versions before 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not. Accessing _x will trigger a null pointer dereference...
Newlib Project Newlib
4 Github repositories
6.5
CVSSv3
CVE-2019-14874
In the __i2b function of the newlib libc library, all versions before 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not. The access of _ x[0] will trigger a null pointer der...
Newlib Project Newlib
7.5
CVSSv3
CVE-2021-41167
modern-async is an open source JavaScript tooling library for asynchronous operations using async/await and promises. In affected versions a bug affecting two of the functions in this library: forEachSeries and forEachLimit. They should limit the concurrency of some actions but, ...
Modern-async Project Modern-async
5.3
CVSSv3
CVE-2020-29362
An issue exists in p11-kit 0.21.1 up to and including 0.23.21. A heap-based buffer over-read has been discovered in the RPC protocol used by thep11-kit server/remote commands and the client library. When the remote entity supplies a byte array through a serialized PKCS#11 functio...
P11-kit Project P11-kit
5.3
CVSSv3
CVE-2023-26483
gosaml2 is a Pure Go implementation of SAML 2.0. SAML Service Providers using this library for SAML authentication support are likely susceptible to Denial of Service attacks. A bug in this library enables malicious users to craft a `deflate`-compressed request which will consume...
Gosaml2 Project Gosaml2
8.6
CVSSv3
CVE-2022-4904
A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.
C-ares Project C-ares
Redhat Enterprise Linux 8.0
Redhat Software Collections -
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 36
7.5
CVSSv3
CVE-2020-29361
An issue exists in p11-kit 0.21.1 up to and including 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit library and the p11-kit list command, where overflow checks are missing before calling realloc or calloc.
P11-kit Project P11-kit
Debian Debian Linux 9.0
Debian Debian Linux 10.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »