Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
glibc vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-3192
Certain run-time memory protection mechanisms in the GNU C Library (aka glibc or libc6) print argv[0] and backtrace information, which might allow context-dependent malicious users to obtain sensitive information from process memory by executing an incorrect program, as demonstra...
Gnu Glibc
1 Github repository
5.5
CVSSv3
CVE-2019-7309
In the GNU C Library (aka glibc or libc6) up to and including 2.29, the memcmp function for the x32 architecture can incorrectly return zero (indicating that the inputs are equal) because the RDX most significant bit is mishandled.
Gnu Glibc
9.8
CVSSv3
CVE-2017-18269
An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 up to and including 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of ...
Gnu Glibc
5.3
CVSSv3
CVE-2019-1010025
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability.
Gnu Glibc -
9.8
CVSSv3
CVE-2019-1010022
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comment...
Gnu Glibc -
1 Github repository
5.3
CVSSv3
CVE-2019-1010024
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.
Gnu Glibc -
1 Github repository
5.5
CVSSv3
CVE-2015-20109
end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) prior to 2.22 might allow context-dependent malicious users to cause a denial of service (application crash), as demonstrated by use of the fnmatch library function with the **(!() pattern. NOTE:...
Gnu Glibc
7.8
CVSSv3
CVE-2019-6488
The string component in the GNU C Library (aka glibc or libc6) up to and including 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for size_t in assembly codes, which can lead to a segmentation fault or possibly unspecified other impact, ...
Gnu Glibc
9.8
CVSSv3
CVE-2018-6551
The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requ...
Gnu Glibc
9.8
CVSSv3
CVE-1999-0199
manual/search.texi in the GNU C Library (aka glibc) prior to 2.2 lacks a statement about the unspecified tdelete return value upon deletion of a tree's root, which might allow malicious users to access a dangling pointer in an application whose developer was unaware of a doc...
Gnu Glibc
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »