Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu eglibc vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2017-17426
The malloc function in the GNU C Library (aka glibc or libc6) 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZE_MAX, potentially leading to a subsequent heap overflow. This occurs because the per-thread cach...
Gnu Glibc 2.26
5
CVSSv2
CVE-2013-0242
Buffer overflow in the extend_buffers function in the regular expression matcher (posix/regexec.c) in glibc, possibly 2.17 and previous versions, allows context-dependent malicious users to cause a denial of service (memory corruption and crash) via crafted multibyte characters.
Gnu Glibc 2.17
7.2
CVSSv2
CVE-2010-3856
ld.so in the GNU C Library (aka glibc or libc6) prior to 2.11.3, and 2.12.x prior to 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain privileges by leveraging ...
Gnu Glibc 2.2.2
Gnu Glibc 2.9
Gnu Glibc 2.7
Gnu Glibc 2.1.2
Gnu Glibc 2.11
Gnu Glibc 2.0.5
Gnu Glibc 2.2.5
Gnu Glibc 2.0.6
Gnu Glibc 2.10.1
Gnu Glibc 1.00
Gnu Glibc 1.06
Gnu Glibc 2.1.1
Gnu Glibc 1.02
Gnu Glibc 2.0.3
Gnu Glibc 1.07
Gnu Glibc 2.3.1
Gnu Glibc 2.3
Gnu Glibc 2.12.0
Gnu Glibc 2.0
Gnu Glibc 2.1.1.6
Gnu Glibc 1.04
Gnu Glibc 1.01
3 EDB exploits
6.8
CVSSv2
CVE-2009-5029
Integer overflow in the __tzfile_read function in glibc prior to 2.15 allows context-dependent malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file, as demonstrated using vsftpd.
Gnu Glibc 2.1.2
Gnu Glibc 2.0.5
Gnu Glibc 2.0.6
Gnu Glibc 2.1.1
Gnu Glibc 2.0.3
Gnu Glibc 2.0
Gnu Glibc 2.13
Gnu Glibc 2.1.1.6
Gnu Glibc 2.1
Gnu Glibc 2.1.9
Gnu Glibc 2.0.1
Gnu Glibc 2.0.4
Gnu Glibc 2.0.2
Gnu Glibc 2.1.3
Gnu Glibc
1 EDB exploit
7.2
CVSSv2
CVE-2010-0296
The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and previous versions, as used by ncpmount and mount.cifs, does not properly handle newline characters in mountpoint names, which allows local users to cause a denial of service (mtab corrup...
Gnu Glibc 2.2.2
Gnu Glibc 2.9
Gnu Glibc 2.7
Gnu Glibc 2.1.2
Gnu Glibc 2.11
Gnu Glibc 2.0.5
Gnu Glibc 2.2.5
Gnu Glibc 2.0.6
Gnu Glibc 2.10.1
Gnu Glibc 2.1.1
Gnu Glibc 2.0.3
Gnu Glibc 2.3.1
Gnu Glibc 2.3
Gnu Glibc 2.0
Gnu Glibc 2.1.1.6
Gnu Glibc 2.3.10
Gnu Glibc 2.4
Gnu Glibc 2.1
Gnu Glibc 2.3.4
Gnu Glibc 2.1.9
Gnu Glibc 2.3.3
Gnu Glibc 2.6.1
5
CVSSv2
CVE-2016-1234
Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) prior to 2.24, when GLOB_ALTDIRFUNC is used, allows context-dependent malicious users to cause a denial of service (crash) via a long name.
Gnu Glibc
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Fedoraproject Fedora 23
6.9
CVSSv2
CVE-2011-0536
Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library (aka glibc or libc6), including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dyna...
Gnu Glibc 2.5-49.el5 5.6
Gnu Glibc 2.12-1.7.el6 0.3
Redhat Enterprise Linux
1 EDB exploit
7.5
CVSSv2
CVE-2014-4043
The posix_spawn_file_actions_addopen function in glibc prior to 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent malicious users to trigger use-after-free vulnerabilities.
Gnu Glibc
Opensuse Opensuse 13.1
1 Github repository
4.6
CVSSv2
CVE-2012-3480
Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspecified "related functions" in stdlib in GNU C Library (aka glibc or libc6) 2.16 allow local users to cause a denial of service (application crash) and possibly execute ar...
Gnu Glibc 2.16
1 EDB exploit
5
CVSSv2
CVE-2012-6656
iconvdata/ibm930.c in GNU C Library (aka glibc) prior to 2.16 allows context-dependent malicious users to cause a denial of service (out-of-bounds read) via a multibyte character value of "0xffff" to the iconv function when converting IBM930 encoded data to UTF-8.
Debian Debian Linux 7.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 10.04
Gnu Glibc
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »